Threat Hunting with Open Source

| Tool | Purpose | Command example |
|------|---------|-----------------|
| Osquery | SQL-based endpoint queries | SELECT * FROM process_events |
| Falco | Behavioural detection | falco -r rules/falco_rules.yaml |
| Lynis | Compliance auditing | lynis audit system |


Last update: 2025-06-07 06:04