Can someone explain me how osquery detects if software is vulnerable or not?
like are you checking with some open source database or something else?
g
Gavin
04/27/2022, 8:17 AM
Osquery itself is a tool to gather device information.
Osquery can for example pull a list of software and it’s version then tools such as #C01DXJL16D8 can cross reference this against the https://nvd.nist.gov/ for known CVE’s