MozDef aims to bring real-time incident response and investigation to the defensive toolkits of security operations groups in the same way that Metasploit, LAIR, and Armitage have revolutionized the capabilities of attackers. We use MozDef to ingest security events, alert us to security issues, investigate suspicious activities, handle security incidents, and visualize and categorize threat actors. The real-time capabilities allow our security personnel all over the world to work collaboratively and see changes as they occur, even though we may not sit in the same room together. The integration plugins allow us to have the system automatically respond to attacks in a preplanned fashion to mitigate threats as they occur.
Features
- Provide a platform for use by defenders to rapidly discover and respond to security incidents
- Automate interfaces to other systems like bunker, cymon, mig
- Provide metrics for security events and incidents
- Facilitate real-time collaboration amongst incident handlers
- Facilitate repeatable, predictable processes for incident handling
- Go beyond traditional SIEM systems in automating incident handling, information sharing, workflow, metrics and response automation
Categories
Security
License
Mozilla Public License 1.0 (MPL)