Osquery uses basic SQL commands to leverage a relational data-model to describe a device.
Frequently, attackers will leave a malicious process running but delete the original binary on disk. This query returns any process whose original binary has been deleted, which could be an indicator of a suspicious process.
Subscribe for our newsletter with best Mac offers from MacUpdate.
Downloaded & Installed 37 times