osquery was released as an open source product by Facebook in October 2014. It is an instrumentation framework for Ubuntu, CentOS, and OS X. osquery makes low-level operating system analytics and monitoring both performant and intuitive.
This talk will walk through why we created osquery, how we use osquery at Facebook to improve our security, how other companies currently take advantage of osquery, and how you can too!
We’ll outline some of the challenges and sensitivities we faced when developing osquery and planning its open source release, as well as how we overcame those issues. Additionally, we’ll spend some time talking about why we believe open source is critical to advancing the state of trusted, secure software. Security through obscurity is dead; this is the age of security through transparency.
Mike Arpaia is a software engineer on the security team at Facebook where he builds software to detect, prevent and respond to compromise. Before Facebook, Mike was a senior software engineer on the security team at Etsy, the world’s handmade marketplace. Before working at Etsy, Mike worked at iSEC Partners, where he specialized in mobile application and mobile operating system security.
Mike has previously presented at over two dozen conferences in seven US states and three countries including Black Hat USA, Source Boston, DEFCON, and Nordic Security Conference, on topics such as data infrastructure and analytics, secure mobile development, mobile exploit intelligence, mobile operating system security, and information security education.