Osquery Management Firm Uptycs Emerges from Stealth With $10 Million Funding

Waltham, Mass-based Uptycs has emerged from stealth today with the announcement of $10 million Series A funding. The investment was led by ForgePoint Capital and Comcast Ventures.

Uptycs provides security analytics for the huge amounts of data that can be collected by the Osquery open source endpoint agent. The new funds will be used to expand staff levels and further product development.

Osquery is an operating system instrumentation framework for Windows, OS X, Linux and FreeBSD developed by Facebook. It effectively turns the operating system of individual endpoints into a relational database, allowing system data, such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes, to be explored via SQL queries.

This has huge potential for security. For example, a query could be used to return all currently executing processes, but refined to list only those where the original launching binary no longer exists on the filesystem. This could indicate stealthy malware.
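The query described above, as an added example that is not from the article or from Uptycs: it runs the SQL against an in-memory SQLite database standing in for one endpoint, with table and column names following osquery's `processes`, `users` and `process_open_sockets` tables. All rows are constructed, and the function names are hypothetical.

```python
import sqlite3

# The SQL an analyst would run in osquery: processes whose launching binary
# is gone from disk, with the owning user and any open remote connections.
# on_disk: 1 = binary present, 0 = missing, -1 = unknown (not flagged here).
ORPHANED_BINARY_QUERY = """
SELECT p.pid, p.name, p.path, u.username,
       s.remote_address, s.remote_port
FROM processes AS p
LEFT JOIN users AS u ON u.uid = p.uid
LEFT JOIN process_open_sockets AS s
       ON s.pid = p.pid AND s.remote_port != 0
WHERE p.on_disk = 0
ORDER BY p.pid;
"""

def build_sample_endpoint():
    """In-memory stand-in for one endpoint; every row is constructed."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE processes (pid INTEGER, name TEXT, path TEXT,
                                uid INTEGER, on_disk INTEGER);
        CREATE TABLE users (uid INTEGER, username TEXT);
        CREATE TABLE process_open_sockets (pid INTEGER, remote_address TEXT,
                                           remote_port INTEGER);
    """)
    db.executemany("INSERT INTO processes VALUES (?,?,?,?,?)", [
        (1,    "systemd",  "/usr/lib/systemd/systemd", 0,    1),
        (2,    "kthreadd", "",                         0,    -1),  # no path, state unknown
        (812,  "sshd",     "/usr/sbin/sshd",           0,    1),
        (4410, "updater",  "/tmp/.cache/updater",      1000, 0),   # binary removed after launch
    ])
    db.executemany("INSERT INTO users VALUES (?,?)",
                   [(0, "root"), (1000, "alice")])
    db.executemany("INSERT INTO process_open_sockets VALUES (?,?,?)", [
        (812,  "0.0.0.0",     0),    # listening socket, filtered out by the join
        (4410, "203.0.113.7", 443),  # documentation-range address
    ])
    return db

def find_orphaned_processes(db):
    """Run the query and return the matching rows as tuples."""
    return db.execute(ORPHANED_BINARY_QUERY).fetchall()

if __name__ == "__main__":
    for row in find_orphaned_processes(build_sample_endpoint()):
        print(row)
```

A hit is a lead for triage rather than proof of compromise, since a package upgrade that replaces a running binary produces the same result.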

"By itself," explained Uptycs director of security in a blog posted last week, "Osquery is a really neat project that allows you to virtualize an endpoint as if it were a SQL database of information, instead of having to run and remember hundreds of different system utilities. You can ask questions with queries, and schedule questions with query packs. However, what you really need is a way to deploy and manage Osquery at scale."

This is Uptycs. The Uptycs security analytics platform, said the firm in a statement today, stores and transforms Osquery telemetry into context-rich dashboards, reports and alerts that help teams detect intrusions, discover vulnerabilities and manage compliance all from a comprehensive, common dataset. And it doesn't matter whether it is 50 or 50,000 endpoints involved.

"Organizations aren't Windows-centric anymore. There is an increasing mix of Windows, Linux, Mac and containers running across the enterprise, especially in cloud and hybrid environments," said Uptycs CEO and founder, Ganesh Pai. "Security solutions have not kept pace to serve the needs of today's modern computing environments. There are growing blind spots especially for cloud workloads and macOS that Osquery is uniquely capable of covering. Uptycs is helping companies leverage the benefits of Osquery quickly, and at scale."

"A challenge in the modern enterprise is juggling the numerous point security solutions -- each with their own data collection strategy -- especially across a diverse ecosystem of IT assets. Uptycs combines the universality of Osquery with meaningful views of data," explained Andy Ellis, CSO at Akamai. "A team of any size or maturity benefits, taking action across a range of needs from compliance to incident response. As organizations grow, they will continue to benefit from the continuous monitoring and analytics Uptycs provides."

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.