Current state of Sharingan role -- still need to add rkhunter
@@ -55,3 +55,20 @@ See [[WebServer#Available Clients|AniNIX::Webserver's client list]].
|
||||
# Equivalents or Competition
|
||||
|
||||
Various monitoring SaaS vendors are available, including Nagios, OP5, PagerDuty, etc. A variety of paid cybersecurity vendors are also on the market, particularly contract firms. Data aggregation is also oft used via the ElasticStack for a number of use-cases. We chose Graylog because it unifies these funtions for what we care about -- alarming on actionable events, whether they are malicious or accidental.
|
||||
We will use a variety of tools here to feed into the Sharingan SIEM.
|
||||
|
||||
# Network IDS: Suricata
|
||||
|
||||
We use Suricata to scan network data to identify threats.
|
||||
|
||||
## Rules engine: oinkmaster
|
||||
|
||||
# Network IPS: sshguard
|
||||
|
||||
# WAF: modsecurity
|
||||
|
||||
# Vulnerability management: lynis
|
||||
|
||||
# Host IDS: rkhunter
|
||||
|
||||
|
||||
|
||||
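Review bot: The headings added from "## Rules engine: oinkmaster" through "# Host IDS: rkhunter" have no body text, so the page names five tools without saying what each one does or how its output reaches the Sharingan SIEM, even though the sentence "We will use a variety of tools here to feed into the Sharingan SIEM." promises exactly that. Suggest giving each tool at least a one-line purpose and a note on what it sends to Graylog, as the Suricata section does, or holding back the empty headings until the content exists (the commit message already marks rkhunter as pending). The tool sections are also at the same heading level as "# Equivalents or Competition", so they render as its siblings rather than as part of a section of their own; a parent heading for the feeder tools would make the structure clearer. Finally, "funtions" in the Graylog sentence should read "functions".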