Checking your endpoints with Stethoscope

Health Screen

Conclusion

According to the Netflix blog [10], if you're a Windows or Apple user, the Stethoscope app will offer you "…a desktop application that checks security-related settings and makes recommendations for improvements without requiring central device management or automated reporting."

Clearly there's a bit of configuration to do in order to hook up multiple devices to Stethoscope. Check out the Stethoscope documentation for more information [11].

If you're interested in other developments in this space, have a look at osquery [12] from the Linux Foundation. According to Netflix, when Stethoscope launched, the intention was to integrate osquery so that it could also provide data on endpoints.

More on osquery

The osquery website and the GitHub page [13] are both well-constructed and definitely worth a look. The premise is to use Structured Query Language (SQL) queries to check for events across multiple endpoints registered centrally. So, for example, you might run a query to retrieve timestamps relating to all root user logins in the last two days, or you might check for deleted binary files across all your endpoint devices with a single command. These types of tools are invaluable when investigating a suspected security breach.
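The two checks mentioned above could look like the following in osquery's SQL dialect. This is an added example, not taken from the article or the osquery documentation; it assumes the `last` and `processes` tables of osquery's schema on Linux or macOS, and the two-day window is computed with SQLite's `strftime`.

```sql
-- Root logins recorded in the last two days (from the `last` table).
-- type = 7 is the utmp USER_PROCESS record, i.e. an interactive login.
SELECT username,
       tty,
       host,
       datetime(time, 'unixepoch') AS login_time_utc
FROM last
WHERE username = 'root'
  AND type = 7
  AND time > CAST(strftime('%s', 'now') AS INTEGER) - 2 * 24 * 60 * 60
ORDER BY time DESC;

-- Running processes whose executable is no longer present on disk.
-- on_disk = 0 means the binary was deleted or replaced after launch;
-- on_disk = -1 (path unknown) is deliberately excluded.
SELECT pid,
       name,
       path,
       cmdline,
       uid,
       datetime(start_time, 'unixepoch') AS started_utc
FROM processes
WHERE on_disk = 0;
```

Both queries can be tried interactively on a single host in the `osqueryi` shell before being scheduled across registered endpoints.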

The Author

Chris Binnie's latest book, Linux Server Security: Hack and Defend, shows how hackers launch sophisticated attacks to compromise servers, steal data, and crack complex passwords, so you can learn how to defend against such attacks. In the book, he also shows you how to make your servers invisible, perform penetration testing, and mitigate unwelcome attacks. You can find out more about DevOps, DevSecOps, Containers, and Linux security on his website: https://www.devsecops.cc.
