Checking your endpoints with Stethoscope

Health Screen

Conclusion

According to the Netflix blog [10], if you're a Windows or Apple user, the Stethoscope app will offer you "…a desktop application that checks security-related settings and makes recommendations for improvements without requiring central device management or automated reporting."

Clearly there's a bit of configuration to do in order to hook up multiple devices to Stethoscope. Check out the Stethoscope documentation for more information [11].

If you're interested in other developments in this space, have a look at osquery [12] from the Linux Foundation. According to Netflix, when Stethoscope launched, the intention was to integrate osquery so that it could also provide data on endpoints.

More on osquery

The osquery website and the GitHub page [13] are both well-constructed and definitely worth a look. The premise is to use Structured Query Language (SQL) queries to check for events across multiple endpoints registered centrally. So, for example, you might run a query to retrieve timestamps relating to all root user logins in the last two days, or you might check for deleted binary files across all your endpoint devices with a single command. These types of tools are invaluable when investigating a suspected security breach.
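
The two checks mentioned above, written as osquery SQL for the osqueryi shell on a single Linux or macOS endpoint. This is an added example, not code from the article or the osquery project, and reading "deleted binary files" as running processes whose executable is no longer on disk is an assumption.

```sql
-- Added example: run in the osqueryi shell on one endpoint.

-- 1) Root logins during the last two days.
--    The `last` table exposes login records; `time` is a Unix epoch value.
--    type = 7 is USER_PROCESS in utmp, i.e., an actual login session.
SELECT username,
       tty,
       host,
       datetime(time, 'unixepoch') AS login_time_utc
FROM last
WHERE username = 'root'
  AND type = 7
  AND time >= CAST(strftime('%s', 'now') AS INTEGER) - 2 * 24 * 60 * 60
ORDER BY time DESC;

-- 2) Running processes whose executable has been removed from disk
--    (assumed meaning of "deleted binary files"). on_disk = 0 marks
--    a process whose path no longer exists; the join shows the owner.
SELECT p.pid,
       p.name,
       p.path,
       p.cmdline,
       u.username,
       datetime(p.start_time, 'unixepoch') AS started_utc
FROM processes AS p
LEFT JOIN users AS u ON u.uid = p.uid
WHERE p.on_disk = 0
ORDER BY p.start_time;
```

A process that keeps running after its binary has been deleted deserves a closer look during an investigation, although a package upgrade that replaces a running program produces the same state.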

The Author

Chris Binnie's latest book, Linux Server Security: Hack and Defend, shows how hackers launch sophisticated attacks to compromise servers, steal data, and crack complex passwords, so you can learn how to defend against such attacks. In the book, he also shows you how to make your servers invisible, perform penetration testing, and mitigate unwelcome attacks. You can find out more about DevOps, DevSecOps, Containers, and Linux security on his website: https://www.devsecops.cc.
