Mar 16, 2021
OK, say it with me, defender tools suck. They all have their own dashboards, data formats, ways to look at what's going on...and that wouldn't be bad if they even remotely worked together.
OSQuery isn't the end-all for endpoint tools, but it surely can tell you a whole lot about what's going on out there - and then you can actually intelligently do something. But it needs a front-end...so enter Fleet. This episode is all about defending the endpoint using open source, and Fleet/OSQuery specifically.