09/28/2019, 6:32 PM
You could do similar with a dev pipeline but I suspect you’ll need a boatload of other tooling before osquery comes into play. Eg git pre-push hooks using Talisman on dev’s machines to alert on API keys, passwords, secrets being checked into repos.

Tim F.

09/29/2019, 11:39 PM
Hi @raj -- one of the things I was looking it in CI/CD was fuzzing of the software being deployed -- but it occurred to me that perhaps that could go hand in hand with automated tests using OSQuery to check for known malicious patterns that would run on the server.
I think yours is another use case I was thinking about where there’s deployment to workstations as well, but was thinking more as part of the build process