- The Bro Network Security Monitor
Bro is a powerful network analysis framework that is very different from the typical IDS you may know.
https://www.bro.org
- GRR Rapid Response: remote live forensics for incident response
GRR is an incident response framework developed by security researchers at Google that analyzes specific workstations for malware footprints. Once the server side and the agent have been deployed, the workstations running the agent become GRR clients and can begin to receive messages from the front-end servers, which makes it easy to investigate individual systems. The incident response team can then perform various forensic tasks on the client machine, such as analyzing the memory, searching various settings and managing configuration options.
https://github.com/google/grr
- Suricata
Suricata is a free and open source, mature, fast and robust network threat detection engine.
https://suricata-ids.org
http://www.netscantools.com/nstpromain.html