osquery

🚀 Bring your favorite shell wherever you go through the ssh. Xonsh shell, fish, zsh, osquery and so on.

Open device management

Automate the creation of a lab environment complete with security tooling and logging best practices

A flexible control server for osquery fleets

A repository for using osquery for incident detection and response

Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.

Production-ready detection & response queries for osquery

DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.

Osquery launcher, autoupdater, and packager

Fast and efficient osquery management

Go bindings for osquery

Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting.

osquery extensions by Trail of Bits

[EXPERIMENTAL] Extend osquery to report on Kubernetes

Threat Hunting & Incident Investigation with Osquery

Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables deeper visibility than legacy tools.

SIAC is an enterprise SIEM built on open-source technology.

Manage, monitor and improve your cyber security posture.

Go app that dispatches osquery to multi-machines

Provide a shell like interface by utilizing osquery's distributed API