We are excited to announce that Carbon Black will be joining with Trail of Bits and Kolide to sponsor QueryCon 2019.
QueryCon is a conference dedicated to Osquery, an open source tool that allows users to query their devices like a database using basic SQL commands. Originally created and open sourced by the security team at Facebook, this tool gives security & IT teams the ability to remotely reach out to their endpoints to audit current system state, whether they’re running Windows, macOS, or Linux.
Last year’s inaugural conference in San Francisco was packed with passionate attendees and speakers (including Carbon Black’s CTO, Scott Lundgren) sharing their ideas about how to grow the Osquery community. As a relative newcomer to Osquery, it was energizing to hear the discussions and see the progress being made with regards to developing a community mission statement and drawing lines between the ability to view endpoint data vs. the ability to manipulate system settings.
That community-driven experience from last year’s conference is what pushed our team to sponsor this year’s event in New York City. It was eye opening to see firsthand how this event gave a platform for members of the dispersed community to meet, share their ideas, and brainstorm creative new uses for the open source tool. For me personally, it was an excellent way to learn more about the true potential of a tool like Osquery and how it could benefit the Security & IT teams that make up Carbon Black’s user base.
What makes this year’s conference even more exciting is that it’s bringing that community out of Silicon Valley, the de facto homeland of Osquery, and taking it to the East Coast where it’s where it’s reaching new audiences. Hosting QueryCon in the Big Apple provides a huge opportunity to get more people on the bandwagon and help them see the value that this type of endpoint query tool can provide in terms of IT hygiene, vulnerability assessment, compliance, and more.
And growing the community is not just a passive goal for me. This year I will actually have the chance to speak at the conference about the user research my team has done around Osquery, and talking through the trends we’ve come across that could remove some common barriers of Osquery management. The overall goal with this session is to kick off a discussion about what else can be done to get more people using and contributing back to this open source project.
My colleague Jon Nelson, an Osquery super user, will also be joining me at the conference and speaking about the process for identifying and grouping specific Osquery tables to help teams align the tool with the frameworks that they subscribe to, such as NIST or MITRE ATT&CK.
Whether you’re an Osquery superfan like Jon or just a security professional interested in learning more about this tool and the community that supports it, we’d love to have you join us at QueryCon in New York City on June 20.