Douglas Wilson – Medium

Douglas Wilson

Douglas Wilson
in
Uptycs

6 tasks for macOS system monitoring

Osquery offers introspection capabilities for macOS that were previously difficult to achieve. Osquery uses a universal agent to collect…

Nov 14, 2018

6 tasks for macOS system monitoring

Nov 14, 2018

Douglas Wilson
in
Uptycs

Osquery In Action: Where and When to Apply “Threat Intel”

So, what does Threat Intelligence mean? Ask a variety of people, and they will give you a variety of responses — IOCs, IOAs, File Hashes…

Jul 19, 2018

Osquery In Action: Where and When to Apply “Threat Intel”

Jul 19, 2018

Douglas Wilson
in
Uptycs

SQL introduction for osquery

SQL (Standard Query Language) will be in its mid-forties later this month having been introduced by its creators Donald Chamberlin and…

May 3, 2018

SQL introduction for osquery

May 3, 2018

Douglas Wilson
in
Uptycs

Finding OSX/CreativeUpdater with osquery

The first week of February 2018 has seen another piece of macOS malware — this time a cryptominer masquerading as several different…

Feb 5, 2018

Feb 5, 2018

Douglas Wilson
in
Uptycs

Finding OSX/MaMi with osquery

Seeing on Twitter that Patrick Wardle (a must follow for macOS security!) may have found his first piece of macOS malware for 2018, I…

Jan 12, 2018

Jan 12, 2018

Douglas Wilson
in
Uptycs

Quick update to #iamroot issues

Further updates in the #iamroot saga have shown a confusing set of responses from Apple that invalidate some of what I posted earlier, and…

Dec 6, 2017

Dec 6, 2017

Douglas Wilson
in
Uptycs

Identifying #iamroot issues with osquery (blank password vuln in macOS 10.13.1)

Update: Apple has released a somewhat confusing set of security updates, which invalidates some of what I have posted here. I will update…

Nov 30, 2017

Nov 30, 2017

Douglas Wilson

Douglas Wilson

Director of Security at @Uptycs — building SaaS solutions on top of osquery. Alumni of @FireEye, @Mandiant, and @OWASP. Fan of whiskey, food, travel, and tech.

Following

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams