Security Articles

An Introduction to Osquery

What is osquery?
Osquery is an incredibly powerful and flexible endpoint detection and observability tool. It exposes an OS as a relational database that can be queried using a SQL-like query language. This makes it useful for a huge range of security, compliance, and even sysadmin tasks.

How do I run osquery?
Osquery generally supports two modes of operation: an interactive shell mode (as the executable osqueryi) or a daemonized service (as the executable osqueryd).

By Michael Ell
January 5, 2024

Introduction

Simple Storage Service (S3) is AWS’ binary large object (blob) storage system, capable of storing an unlimited number of files (up to 5TB in size per file) in a highly durable, dependable, and secure manner. This allows S3 to serve a multitude of use cases, such as publicly accessible static website assets, private data lake files, service logs, system backups, and many others. Each of these uses will require different permission levels and controls.

By Michael Simon
July 17, 2023

Flow logs are the native network logging layer for AWS. These logs can be set up specifically for logging IP traffic on subnets, network interfaces, or VPCs. VPC flow logs in particular contain a vast amount of IP traffic information and data points for our resources that can be leveraged for:

- Monitoring boundaries for networks and AWS accounts
- Detecting anomalous network activity
- Catching unintentional cross-region data transfers early (to avoid unnecessary costs)
- Identifying system optimizations based on AZ distribution
- Performing various network traffic flow optimizations

In this blog post, we’ll be learning how to:

By Mueez Khan & James Becker
August 18, 2022