Description: List the registered Windows security products and determine if their state is on and whether the signatures are up to date.
SQL:
SELECT wsp.*,
CASE
WHEN state = 'On' AND signatures_up_to_date = 1 THEN 'TRUE'
ELSE 'FALSE'
END compliant
FROM windows_security_products wsp;Operating Systems: Windows Only
Reference:
https://osquery.io/schema/current/#windows_security_products
#compliance #security_products