Beginner Pro

Hands-on with OSquery

You’ll learn Osquery fundamentals and understand how security teams use Osquery for endpoint visibility, investigation, and threat hunting.

Self-Paced by Jaimin Pathak

Overview

In this project, you will learn how to use Osquery as a powerful endpoint visibility and investigation tool used by SOC analysts and blue teams.

You will understand how Osquery treats operating system artifacts (processes, users, network connections, startup items, etc.) as database tables and allows you to query them using SQL.

You will be able to hunt threats, investigate incidents, and validate security posture across Linux, Windows, and macOS endpoints.

What You'll Learn

  • Osquery Basics & Architecture

    Understand what Osquery is, how it works, and why it is widely used for endpoint visibility. Learn how Osquery fits into SOC workflows and security investigations.

  • SQL-Based Endpoint Querying

    Learn how Osquery uses SQL to query operating system data. Understand tables, columns, and how OS artifacts are exposed like database records.

About Trainer

Jaimin Pathak

Jaimin Pathak is a dynamic cybersecurity leader with deep expertise in Blue Team operations, digital forensics, and threat intelligence. As the Head of Security at HaxSecurity, Jaimin brings a hands-on approach to building and scaling modern Security Operations Centers (SOC). His career spans years of dedicated work in incident response, SIEM engineering, and proactive threat hunting. Jaimin is also a passionate mentor and educator, having guided thousands of cybersecurity learners through practical training programs, shaping the next generation of defenders in the field.

Related Projects

Practical AWS Cloud Security Posture Assessment Using Scout Suite
Free Beginner

Identify real-world AWS attack surfaces through visual security posture analysis.

Wazuh + n8n + Anyrun: Automated Malware Analysis
Pro Intermediate

Automate malware analysis by sending Wazuh-detected suspicious files into ANY.RUN, retrieving detailed reports and IOCs, and integrating results back into your SOC workflow.

Apache Web Server Log Monitoring using Wazuh
Pro Beginner

Real-time detection of HTTP errors, brute-force and suspicious requests from Apache logs