Facebook will soon bring Osquery to Windows 10

by Ivan Jenic

Last week, Facebook announced that it will soon bring its SQL-powered detection tool, Osquery, to Windows 10. The tool has been available on macOS and Linux for more than two years, and the company has now decided to bring it to Microsoft’s platform.

Osquery lets users write their own SQL-based queries to detect potentially malicious activity across networks. The tool also exposes processes and open network connections as SQL tables, giving admins a clearer view of that data.

“Today, we’re excited to announce the availability of an osquery developer kit for Windows! Security teams can now build customized osquery solutions for their Windows networks. In 2014, Facebook open sourced osquery, an SQL-powered detection tool for Linux and OS X that provides real-time insight into the state of corporate infrastructure. osquery allows you to write SQL-based queries that explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes. Having timely, reliable visibility into operations running throughout your network is critical to quickly identify and investigate anomalies.”
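To make the "operating system data as SQL tables" idea concrete, here is an added example (not from the article or from the osquery project) that emulates two tables in Python's sqlite3 and runs a detection query over them. The column names follow osquery's `processes` and `listening_ports` tables, only a subset of columns is modelled, and all rows are constructed sample data.

```python
import sqlite3

# Constructed sample rows. Columns mirror a subset of osquery's `processes`
# table (pid, name, path, on_disk) and `listening_ports` table
# (pid, port, protocol, address). on_disk = 0 means the executable that
# started the process is no longer present on disk.
PROCESSES = [
    (612, "svchost.exe", r"C:\Windows\System32\svchost.exe", 1),
    (4120, "updater.exe", r"C:\Users\Public\updater.exe", 0),
    (5333, "notepad.exe", r"C:\Windows\System32\notepad.exe", 1),
    (6001, "helper.exe", r"C:\Temp\helper.exe", 0),
]
LISTENING_PORTS = [
    (612, 135, 6, "0.0.0.0"),
    (4120, 8081, 6, "0.0.0.0"),
    (6001, 9001, 6, "127.0.0.1"),
]

# Detection: a process accepting network connections on a non-loopback
# address while its binary has been removed from disk.
DETECTION_QUERY = """
SELECT p.pid, p.name, p.path, l.port, l.address
FROM processes AS p
JOIN listening_ports AS l ON l.pid = p.pid
WHERE p.on_disk = 0
  AND l.address NOT IN ('127.0.0.1', '::1')
ORDER BY p.pid;
"""

def build_sample_db():
    """Create an in-memory database holding the constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE processes "
               "(pid INTEGER, name TEXT, path TEXT, on_disk INTEGER)")
    db.execute("CREATE TABLE listening_ports "
               "(pid INTEGER, port INTEGER, protocol INTEGER, address TEXT)")
    db.executemany("INSERT INTO processes VALUES (?, ?, ?, ?)", PROCESSES)
    db.executemany("INSERT INTO listening_ports VALUES (?, ?, ?, ?)",
                   LISTENING_PORTS)
    return db

def find_suspicious_listeners(db):
    """Run the detection query and return the matching rows."""
    return db.execute(DETECTION_QUERY).fetchall()

if __name__ == "__main__":
    for row in find_suspicious_listeners(build_sample_db()):
        print(row)
```

On a host running osquery, the text of `DETECTION_QUERY` is what would be submitted to the agent, which fills these tables from live system state.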

The partnership between Facebook and Microsoft is not the sweetest in the industry, as Facebook often avoids or delays developing its services for Windows. However, due to a high number of requests from users, Facebook decided to bring Osquery to Windows. The tool is only available on Windows 10.

