09/28/2019, 6:32 PM
You could do similar with a dev pipeline but I suspect you’ll need a boatload of other tooling before osquery comes into play. Eg git pre-push hooks using Talisman on dev’s machines to alert on API keys, passwords, secrets being checked into repos.
Tim F.

Tim F.

09/29/2019, 11:39 PM
Hi @raj -- one of the things I was looking it in CI/CD was fuzzing of the software being deployed -- but it occurred to me that perhaps that could go hand in hand with automated tests using OSQuery to check for known malicious patterns that would run on the server.
11:40 PM
I think yours is another use case I was thinking about where there’s deployment to workstations as well, but was thinking more as part of the build process