OTX Endpoint Security is a threat-scanning service that allows users to identify malware and other threats by scanning endpoints for indicators of compromise (IOCs) catalogued in the Open Threat Exchange (OTX). The service uses an agent-based approach powered by the OTX agent, which is built on osquery and can be installed on Windows and Linux devices. Users can launch queries on endpoints from OTX by selecting pre-defined queries that search for IOCs in one or more OTX pulses. The OTX agent executes these queries and displays results on a summary page within OTX. The service does not provide continuous or automatic monitoring; each query must be launched manually. Upon activation, the OTX agent collects device data including computer name, hostname, external IP, OS type and version. Scans return additional data such as file paths, IP addresses and ports, command line of running processes, process IDs, process working directories, and file hashes (SHA-1, SHA-256, MD5). The service is available to any registered OTX user and provides access to threat intelligence from the OTX community. The OTX agent is designed to be lightweight with a small footprint for quick installation and deployment.