Search Results for "network activity indicator"

...This allows you to write SQL queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.Osquery queries your devices like a database. Osquery uses basic SQL commands to leverage a relational data-model to describe a device. Frequently, attackers will leave a malicious process running but delete the original binary on disk. This query returns any process whose original binary has been deleted, which could be an indicator of a suspicious process.

...tirreno [tir.ˈrɛ.no] helps understand, monitor, and protect your applications from cyber threats, account takeovers, bots, and abuse. While classic cybersecurity focuses on infrastructure and network perimeter, most breaches occur through compromised accounts and application logic abuse that bypasses firewalls, SIEM, WAFs, and other defenses. tirreno detects threats where they actually happen: inside your product. It adds a security layer to internal or external applications to identify malicious activity by analyzing user behavior, account activity, field changes history, and business logic abuse that infrastructure tools are unable to detect.

OCD is a simple web UI written in PHP [and little CSS]. It displays dashboard of current OSSEC activity. Originally written to allow NOC to monitor OSSEC events in realtime.

NetDash is a network dashboard and intrusion detection system. NetDash passively collects network traffic and then stores key information to be analyzed for unwanted network activity. NetDash captures all traffic passed over the network and stores that traffic in a PCAP file that can be downloaded and analyzed with other tools such as Wireshark. NetDash processes each PCAP file and stores relevant information about each packet captured in a MySQL database. ...

Nuhe is a log monitoring system, which is capable of alarm generation and action when rules are matched against log(s) activity.

Security Analyst Network Connection Profiler [sancp] is a network security tool designed to create connection logs and record network traffic for the purpose of auditing, historical analysis, and network activity discovery.

A statistical view of the recorded activity on a Honeynet. A mechanism for a honeynet to present some information about its findings over the web. This is done by a statistical analysis on the inbound firewall logs recorded by the honeynet's firewall.

A Java-based client-server architecture for processing network intrusion detection data. The server receives XML alerts from Snort sensors buffers them for review by clients. The console provides a real-time view of IDS activity.

This project\'s goal is to provide a usable progam to enable network administrators to log certain instant messaging activity (namely, login / logout). AIM currently supported, more protocols are in the works.

This application allows you to capture the logging messages about network activity from your Linksys cable/DSL modem routers and store it in a database. The beginings of a PHP web based front end is also included as a separate module.

Pace-IDS is an Intrusion Detection system designed to replace Tripwire, in that it is faster, and more effective of detecting trojan activity, and is easier to configure. All you have to do usually is simply change one variable to your email address.

Open eSign allows software developers and technical parties in a company to create secure, online (web-based) forms and documents that follow a business process flow and enable legally recognized electronic signatures using digital signature technology.