One OSQuery-based Agent for All

The first and only full-featured Windows extension to OSQuery, with real-time eventing built on a kernel-based design. It is also the only Windows OSQuery-based agent with response capabilities for taking action during incident response. You can now use the PolyLogyx fleet manager or any other fleet manager to manage Windows, Linux, and Mac OS endpoints consistently.

Platforms Supported

Windows

One Agent for All

If you are using a custom combination of OSQuery, Sysmon, OSSEC and other tools to consolidate the data, a single PolyLogyx agent can address all your needs, including interrogation, real-time telemetry, log extraction into a queryable table, and response action.

Response Action

Take response action on Windows endpoints such as stopping a bad process, deleting a malicious file, isolating a compromised endpoint or changing a firewall setting.

Filter Events

To avoid a flood of activity that may not be relevant, add filter rules that select which real-time activity is captured.

Extend The Extension

Access any application data on an endpoint (such as process info from a SCADA system or the status of a CT scanner), as long as it has an SDK.

Follow PolyLogyx On GitHub

For updates, issues, feature requests and more community fun

Customer Quotes