QueryCon 2019

An osquery conference

by Trail of Bits and Kolide

co-sponsored by Carbon Black

New York City | Jun 20 - Jun 21

Join us for a 2-day osquery conference at Convene at 32 Old Slip, New York, NY 10005 focused on bringing security, devops, macadmins, and other experts in the Osquery community together. QueryCon is now in its second year, with its new host Trail of Bits and a new location in New York City.
Following last year’s format, there will be a single speaking track, and a community workshop.

Reserve your seat for QueryCon19 now!

Register soon! Seating is limited!

2 Day QueryCon Pass

$300
+ processing fee
Register Now

Your pass gets you all of the following:

Full Conference Access

Registration grants you full access to our two-day single track conference, packed with osquery experts, leaders, major open-source contributors, and community members.

Learn More Right Arrow

After Hours Cocktail Party

After a long day of talks, spend time imbibing with osquery leaders, contributors, speakers, and other conference goers at this attendee-only networking event. Drinks and delicious food are on us!

Learn More Right Arrow

Entry to osquery Workshop

Inspired by the talks? The community workshop lets you put your ideas into action in a communal setting where you can get hands-on experience guided by experts, collaborate on issues, and network with community members.

Learn More Right Arrow

Featured Speakers

QueryCon is about bringing the brightest and best of the osquery community together.
See The Full Program Right Arrow

The Venue

Convene at 32 Old Slip - New York, NY

QueryCon19 will be held at the Convene, in downtown Manhattan, just steps from Wall Street and the New York Stock Exchange.

Not sure where to stay?
Some recommended hotels near the venue: Aloft Manhattan Downtown, New York Marriott Downtown, the W New York – Downtown, or Conrad New York.
Check AirBnB Availability
June 19 - June 22
Search More Hotels on Expedia
June 19 - June 22

Pre-Conference Learning

Brush up on your Osquery understanding with some of the resources below:

How Osquery is Built - Teddy Reed & Javier Marcos

Facebook's Osquery is a Linux and OS X intrusion detection and response tool. It supports 10 OS flavors and is continuously built for 8 of those. It is very important that the infrastructure used to test, build, and publish security software be secure itself. This discussion presents how our Security team has enabled any Github contributor to submit C/C++/bash code to our CI and build server, safely. We will guide the audience through our CI hardening process and the attack and vulnerability reports we have received through our bug bounty targeting CI. This includes isolating a Mac Mini fleet of build slaves, not trusting Jenkins as much as possible, automatically building, signing, and publishing packages to AWS S3, doing the same for OS X kernel extension code, adding 2-factor to everything.

Introduction to Osquery - Mike Arpaia

Monitoring macOS Hosts with Osquery - Zach Wasserman

Osquery Across The Enterprise - Chris Long

How Are Teams Using Osquery? - Trail of Bits

Still Have Questions?

We're here to answer whatever you would like to know about QueryCon. Please see the FAQ and don't hesitate to contact us if you have further questions or concerns.
Read the FAQ
Hit Us Up on Twitter
Contact Us