OSquery, an open-source framework created by Facebook that allows organizations to look for potential malware or malicious activity on their networks, was available only for Mac OS X and Linux environments until today.
Now the social network has announced that it has also developed a Windows version of the tool.
When Facebook engineers want to monitor thousands of Apple Mac laptops across their organization, they use their own unconventional security tool called OSquery.
This tool is a smart piece of cross-platform software that scans every single computer in an infrastructure and catalogs every aspect of it.
SQL-based queries then allow developers and security teams to monitor low-level functions in real time and quickly search for malicious behavior and vulnerable applications on their infrastructure.
Simply put, OSquery allows organizations to treat their infrastructure as a database. This is possible by turning OS information into a format that can be queried using SQL-like statements.
This functionality is critical for administrators to:
- perform incident response,
- diagnose system- and network-level problems,
- troubleshoot performance issues, and more.
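
To make the "infrastructure as a database" idea concrete, here is an added example (not from the article or the osquery project) that runs two incident-response queries in SQLite, the engine osquery itself is built on. The rows are constructed sample data and `build_db` and `run` are hypothetical helpers; the table and column names are a subset of osquery's `processes` and `listening_ports` tables.

```python
import sqlite3

# Constructed sample rows. Column names are a subset of osquery's
# `processes` and `listening_ports` tables.
PROCESSES = [  # (pid, name, path, on_disk)
    (412, "sshd", "/usr/sbin/sshd", 1),
    (977, "nginx", "/usr/sbin/nginx", 1),
    (1530, "kworker", "/tmp/.cache/kworker", 0),
    (2044, "postgres", "/usr/lib/postgresql/bin/postgres", 1),
]
LISTENING_PORTS = [  # (pid, port, protocol, address); protocol 6 is TCP
    (412, 22, 6, "0.0.0.0"),
    (977, 443, 6, "0.0.0.0"),
    (1530, 4444, 6, "0.0.0.0"),
    (2044, 5432, 6, "127.0.0.1"),
]

# Incident-response triage: a process whose executable has been deleted
# from disk (on_disk = 0) but which still listens on all interfaces.
TRIAGE_QUERY = """
SELECT p.pid, p.name, p.path, lp.port
FROM processes AS p
JOIN listening_ports AS lp ON lp.pid = p.pid
WHERE p.on_disk = 0 AND lp.address = '0.0.0.0'
ORDER BY lp.port;
"""

# Exposure inventory: every service listening on all IPv4 interfaces.
EXPOSED_QUERY = """
SELECT DISTINCT p.name, lp.port
FROM listening_ports AS lp
JOIN processes AS p ON p.pid = lp.pid
WHERE lp.address = '0.0.0.0'
ORDER BY lp.port;
"""

def build_db():
    """Stand-in for a host: on a real endpoint osquery fills these tables."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE processes "
               "(pid INTEGER, name TEXT, path TEXT, on_disk INTEGER)")
    db.execute("CREATE TABLE listening_ports "
               "(pid INTEGER, port INTEGER, protocol INTEGER, address TEXT)")
    db.executemany("INSERT INTO processes VALUES (?, ?, ?, ?)", PROCESSES)
    db.executemany("INSERT INTO listening_ports VALUES (?, ?, ?, ?)",
                   LISTENING_PORTS)
    return db

def run(db, query):
    return db.execute(query).fetchall()
```

On a machine with osquery installed, the two `SELECT` statements can be pasted unchanged into the interactive `osqueryi` shell, where the tables are populated from live system state.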