YoVDO

Serverless Osquery Backend and Big Data Exploration

Offered By: Security BSides San Francisco via YouTube

Tags

Security BSides Courses Big Data Courses Data Visualization Courses Serverless Computing Courses Intrusion Detection Courses Cloudflare Courses

Course Description

Overview

Explore the deployment of a serverless osquery backend for large-scale intrusion detection in this conference talk from BSidesSF 2020. Dive into the challenges of scaling osquery, an open-source community-driven endpoint detection tool, and learn about endpoint management and data transport considerations. Discover how to utilize Saltstack for osquery deployment, implement efficient data transport and storage solutions, and leverage big data exploration techniques. Gain insights into performance optimization, data visualization, and export methods for comprehensive security analysis.

Syllabus

Introduction
What is CloudFlare
CloudFlare Mission
Osquery Background
Osquery to Scale
Saltstack
Osquery Salt State
Osquery Salt Stack
Data Transport and Storage
Cenote
Osquery
Performance
Cons
StackDriver
Big Query
JSON Object
Visualization
Export Data
Questions


Taught by

Security BSides San Francisco

Related Courses

Early Detection through Deception
YouTube
Hack for Show, Report for Dough - Brian King
YouTube
Blue Teamin on a Budget of Zero - Kyle Bubp
YouTube
Windows Event Logs - Zero to Hero
YouTube
Weaponizing Splunk - Using Blue Team Tools for Evil
YouTube