#general

chrishumphries

08/20/2018, 8:08 PM
True, no, I agree there. So maybe a good approach would be to get a good tool in place to actively listen for threats, and then use osquery on top of that.
clippy

08/20/2018, 9:29 PM
I generally go with: AV (or your next-gen equiv) is an unfortunate necessity. Osquery is what I turn to when I want behavioral or targeted information about a system (or systems).