
Palantir osquery Configuration


This repository provides a baseline template for organizations deploying osquery in a production environment, including query packs tailored to specific needs such as unwanted-chrome-extensions and windows-attacks. It emphasizes careful consideration of which datasets to collect and which use-cases to serve, so that osquery operates optimally.

FEATURES

ALTERNATIVES

Enhances Windows OS security through system modifications and settings adjustments.

A remediation orchestration platform that consolidates security alerts, automates triage, and streamlines the remediation process across hybrid environments.

Malware allows attackers to execute Windows commands from a remote environment

A report on detecting lateral movement through tracking event logs, updated to include analysis of various tools and commands used by attackers.

A System for Abuse- and Incident Handling with log file analysis capabilities.

A DFIR console integrating various cybersecurity tools and frameworks for efficient incident response.

A compilation of suggested tools for each component in a detection and response pipeline, with real-world examples, to design effective threat detection and response pipelines.

PowerGRR is a PowerShell module for the GRR API, allowing automation and scripting for incident response and remote live forensics.