Course Overview

Whether you're a security professional, system administrator, or enthusiast, this course equips you to leverage Osquery's powerful open-source capabilities for monitoring, compliance, and incident response. Through hands-on exercises, you'll explore how to use Osquery to detect and respond to threats effectively while aligning with security best practices.

This course begins with an introduction to asset management, the CIS Critical Security Controls, and the essential tools like VirtualBox and Docker to set up your environment. You'll then dive into Osquery, learning to install it, run SQL queries, configure scheduled queries, and integrate it with the ELK stack. Advanced topics include file integrity monitoring, mapping queries to the MITRE ATT&CK framework, using YARA rules for threat hunting, and automating compliance. The course also covers Fleet, a web-based interface for managing Osquery at scale, focusing on its integration, usage, and advantages in real-world scenarios.

By the end of this course, you'll have the skills and confidence to implement Osquery and Fleet in your environment, ensuring enhanced security visibility and proactive threat management.

What You Will Learn

  • Master the fundamentals of Osquery, including installation, configuration, and scheduled queries
  • Understand the tools available in the Osquery fleet manager
  • Gain hands-on experience with practical exercises
  • Learn how to integrate Osquery into your Security Information and Event Management (SIEM) system
  • Utilize Osquery for system auditing

Program Curriculum

  • Overview of CIS Critical Security Controls
  • Getting Started with Docker
  • Chapter 1 Quiz

  • Installation of Osquery
  • Introduction to Osquery
  • Configuring Scheduled Queries with osqueryd Service
  • Integrating Osquery with SIEM
  • File Integrity Monitoring
  • Mapping Queries to MITRE ATT&CK
  • Hunting with YARA Rules
  • Comprehensive System Monitoring and Threat Detection with osquery - Lab
  • Chapter 2 Quiz

  • Introduction to Fleet
  • Using Fleet
  • Working with Fleet Policies
  • Software Monitoring and Vulnerability
  • Integrating Osquery with Fleet
  • Fleetctl
  • Comprehensive Endpoint Management with Fleet and Osquery - Lab
  • Chapter 3 Quiz

Instructor

Adam Tilmar Jakobsen

Adam Tilmar is an expert in cyber security. He brings a deep understanding of the challenges faced in network security and asset management. Adam’s teaching style is practical, ensuring you not only learn the concepts but also how to apply them effectively in real-world scenarios. Join Adam in this comprehensive course and advance your skills in network security and asset management.

Join over 1 Million professionals from the most renowned Companies in the world!


Empower Your Learning with Our Flexible Plans

Invest in your future with our flexible subscription plans. Whether you're just starting out or looking to enhance your expertise, there's a plan tailored to meet your needs. Gain access to in-demand skills and courses for your continuous learning needs.

Monthly Plans
Annual Plans
Save 20% with our annual plans!

Pro

Ideal for continuous learning, offering video-based learning with 840+ courses and diverse Learning Paths to enhance your skills.

$ 69.00
Billed monthly or $599.00 billed annually

What is included

  • 840+ Premium Short Courses
  • 70+ Structured Learning Paths
  • Validation of Completion with all courses and learning paths
  • New Courses added every month
Early Access Offer

Pro +

Experience immersive learning with Practice Labs and CTF Challenges for comprehensive skill-building.

$ 79.00
Billed monthly or $699.00 billed annually

Everything in Pro and

  • 1400+ Practice Lab exercises with guided instructions
  • 150+ CTF Challenges with detailed walkthroughs
  • New Practice Labs and Challenges added every month
