
Here’s the recording, transcript, and slides for a talk about gingerly deploying osquery to a server fleet that I gave at 2021.

Hi, my name is Rob Heaton and I’m a security engineer at Stripe on the Detection Infrastructure team. My team is responsible for building the tools that security analysts use to detect and stop bad guys.

Last year we started rolling out osquery to Stripe’s server fleet.

While we were designing our deployment we spoke to other teams within Stripe’s security organization, and we asked them if they had any thoughts. They went away and talked amongst themselves, and then came back and let us know that actually they very much did. Our colleagues absolutely understood what we were trying to do. They acknowledged all the wonderful features of osquery that all of us here know and love, apart from those of you who are spies from However, the team pointed out that we were, in the nicest possible way, proposing to install a trojan on every server at Stripe. “This thing can exfiltrate almost any piece of data from the machines it runs on”, they pointed out. “Yes,” we said, “isn’t it fantastic?” “Some of the scarier tables can remotely control servers.”

Next we spoke to Stripe’s reliability team. We already run osquery on all our employee laptops. It’s been very useful, which is why we want to put it on our servers too. However, our laptop deployment has given us a mild PR problem with osquery. Some tasks cause osquery to get a little CPU hungry and cause people’s laptops to sound like they’re trying to fly to the moon. We’ve tried to be responsive and tune our parameters, and we made a Slackbot to give guidance to people complaining about osqueryd. But people still get grumpy when their battery dies prematurely. Anyway, the reliability team also absolutely understood what we were trying to do, but they had some concerns of their own.
