# linux
Hi everyone, I've been working on a new security monitoring solution (XDR) for real-time threat detection on Linux servers and endpoints that is based on osquery. It uses a custom fleet management architecture to distribute osquery configuration files to agents and collect logs. Logs are correlated on the central server (that you self-host) to detect threats and provide security recommendations. One of the main goals of the project is to let everyone take full advantage of osquery for threat detection by creating a framework around it with indexing, database storage and visualization all taken care of. So far in my tests against Wazuh it performs pretty well and detects many security events that go unnoticed by Wazuh. What do you think about it as a concept? Any recommendations? https://impulse-xdr.com/
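The post describes the pipeline in the abstract: a scheduled osquery config pushed to agents, result logs shipped to a central server, and correlation across those results. The following is an added example (not code from the post or from the Impulse XDR project) showing the smallest version of that loop: two scheduled queries against osquery's real `processes` and `listening_ports` tables, a parser for osquery's standard differential result-log lines (the `name` / `hostIdentifier` / `unixTime` / `action` / `columns` JSON format written by the filesystem logger), SQLite storage with an index, and one correlation rule that joins the two result streams on host and pid. The query names, host name, timestamps and process data are constructed for illustration.

```python
"""Added example: ingest osquery differential results into SQLite and correlate
two scheduled queries. Not part of the original post or any project; the
schedule names, host and events below are constructed sample data."""
import json
import sqlite3

# Hypothetical osquery schedule an agent would receive from the fleet server.
# Both queries run in osquery's default differential mode, so each result line
# carries an "action" of "added" or "removed" relative to the previous run.
OSQUERY_SCHEDULE = {
    "schedule": {
        "new_processes": {
            "query": "SELECT pid, path, cmdline, uid FROM processes;",
            "interval": 30,
        },
        "new_listening_ports": {
            "query": "SELECT pid, port, protocol, address FROM listening_ports;",
            "interval": 30,
        },
    }
}

# Constructed result-log lines, in the shape osquery's filesystem logger emits.
SAMPLE_RESULTS = [
    '{"name":"new_processes","hostIdentifier":"web-01","unixTime":1704103200,'
    '"action":"added","columns":{"pid":"4242","path":"/tmp/.cache/updater",'
    '"cmdline":"/tmp/.cache/updater -p 4444","uid":"33"}}',
    '{"name":"new_processes","hostIdentifier":"web-01","unixTime":1704103205,'
    '"action":"added","columns":{"pid":"1200","path":"/usr/sbin/nginx",'
    '"cmdline":"nginx: worker process","uid":"33"}}',
    '{"name":"new_listening_ports","hostIdentifier":"web-01","unixTime":1704103230,'
    '"action":"added","columns":{"pid":"4242","port":"4444","protocol":"6","address":"0.0.0.0"}}',
    '{"name":"new_listening_ports","hostIdentifier":"web-01","unixTime":1704103231,'
    '"action":"added","columns":{"pid":"1200","port":"80","protocol":"6","address":"0.0.0.0"}}',
    '{"name":"new_listening_ports","hostIdentifier":"web-01","unixTime":1704103500,'
    '"action":"removed","columns":{"pid":"4242","port":"4444","protocol":"6","address":"0.0.0.0"}}',
]

# Directories any local user can write to; a process image living here is
# a common signal worth correlating with network activity.
WRITABLE_TMP_PREFIXES = ("/tmp/", "/var/tmp/", "/dev/shm/")


def load_results(lines, conn):
    """Parse osquery result lines and store them; pid/path/port are lifted out
    of the columns object so the correlation join needs no JSON functions."""
    conn.execute(
        "CREATE TABLE IF NOT EXISTS results (query TEXT, host TEXT, unix_time INTEGER,"
        " action TEXT, pid TEXT, path TEXT, port TEXT, columns_json TEXT)"
    )
    conn.execute("CREATE INDEX IF NOT EXISTS idx_results ON results(host, query, pid, unix_time)")
    rows = []
    for line in lines:
        rec = json.loads(line)
        cols = rec["columns"]
        rows.append((rec["name"], rec["hostIdentifier"], int(rec["unixTime"]), rec["action"],
                     cols.get("pid"), cols.get("path"), cols.get("port"),
                     json.dumps(cols, sort_keys=True)))
    conn.executemany("INSERT INTO results VALUES (?,?,?,?,?,?,?,?)", rows)
    conn.commit()
    return len(rows)


def correlate_tmp_listeners(conn, window_seconds=300):
    """Rule: a process whose image is under a world-writable temp directory
    starts listening on a port within window_seconds of first being seen.
    Joins the two query streams on host + pid; 'removed' rows are ignored."""
    cur = conn.execute(
        "SELECT p.host, p.pid, p.path, l.port, l.unix_time - p.unix_time"
        " FROM results p JOIN results l ON p.host = l.host AND p.pid = l.pid"
        " WHERE p.query = 'new_processes' AND l.query = 'new_listening_ports'"
        " AND p.action = 'added' AND l.action = 'added'"
        " AND l.unix_time BETWEEN p.unix_time AND p.unix_time + ?",
        (window_seconds,),
    )
    alerts = []
    for host, pid, path, port, delay in cur:
        if path and path.startswith(WRITABLE_TMP_PREFIXES):
            alerts.append({"host": host, "pid": pid, "path": path, "port": port, "delay_s": delay})
    return alerts


def run_demo():
    """Load the constructed sample and return the alerts the rule produces."""
    conn = sqlite3.connect(":memory:")
    load_results(SAMPLE_RESULTS, conn)
    return correlate_tmp_listeners(conn)


if __name__ == "__main__":
    for alert in run_demo():
        print(json.dumps(alert))
```

Keeping the join keyed on host and pid is what makes this a correlation rather than two independent alerts: neither "process in /tmp" nor "new listener on 4444" is conclusive alone, but the pair within a short window is worth a recommendation. The nginx process in the sample exercises the negative path, and the later `removed` row shows why the rule must filter on `action`.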