OpenSOC.io - Helpful Links

SANS
- Collection of all SANS posters (CTRL-F-able)

Graylog
- Graylog Documentation

OS Query
- Example Queries (Awesome listing of queries mapped to the MITRE ATT&CK framework): https://github.com/teoseller/osquery-attck
- Threat Hunting w/ OS Query
- Using OSQuery for Remote Forensics
- Introduction to osquery for Threat Detection and DFIR
- ReconHunt - OSQuery Examples & Hunts