Anyone know if there is a published list of cloud services security analytics/protection offerings that have osquery integrated? Our company's been using a product, I'll call CB, and it hasn't met our needs. Ideally, IMHO, I want my cloud security service to also support osquery packs. But, I am just one cog/opinion of what we should consider.
07/21/2022, 1:12 AM
Are you asking if there are any vendors whose products are based around osquery, and will let you upload your own packs?
I think, yes. Yes, there are some. But what happens with the data in your packs? That’s probably going to vary a lot.
I work for Kolide, we’re generally focused on bringing users into the process. So there’s a lot of Slack messaging.
Other vendors are around.
07/22/2022, 7:19 PM
@seph Thanks for responding. Yes, I am interested in providers that can use packs, but our current vendor only allows queries. This isn't bad for reporting, but not as effective as being proactive. That aside, a list of companies that are at least granting the ability to query is a feature that I don't want to lose.
07/22/2022, 7:59 PM
Speaking for Kolide’s product — data from packs ends up in our log pipeline, and from there it's up to you. Data we generate internally feeds into our inventory and check system and triggers various user actions. I can't speak to other vendors, but would encourage you to try Kolide.