osquery Application Security Assessment Public Report

In an audit commissioned by Facebook, NCC Group consultants Raphael Salas, Andrew Rahimi and Robert Seacord provided an audit of the  osquery framework for operating system instrumentation.

osquery represents operating system details and events as SQL tables that can be queried real-time in complex ways. The audit covered the osquery core and plugin interfaces, focusing on table data collection, functionality exposed through the OSX kernel module, and remote configuration and logger plugins.

Download the Public Report 

Published date:  11 March 2016

comments powered by Disqus

Filter By Service

Filter By Type