IT Infrastructure Investigation with OSQuery

OSQuery is a framework for collecting and organizing information about the infrastructure of a SOC clients. It provides this information to analysts through a relational data model.

Analysts write SQL statements to get information about the hardware, software, running processes, file system, registry, etc., of computers. Analysts can then use this information in their investigations or to respond to incidents.

Contact your assigned sales representative to enable the OSQuery feature for devices that meet the requirements specified in OSQuery Requirements.