Endpoint Security
Browse 500 endpoint security tools
FEATURED
OpenEDR is an open-source platform enhancing cybersecurity through real-time detection and analysis of cyber threats.
OpenEDR is an open-source platform enhancing cybersecurity through real-time detection and analysis of cyber threats.
A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.
A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.
A honeytoken-based tripwire for Microsoft's Active Directory to detect privilege escalation attempts
A honeytoken-based tripwire for Microsoft's Active Directory to detect privilege escalation attempts
A Windows-based workflow automation and case management application that integrates with CrowdStrike Falcon APIs to streamline security operations and incident response processes.
A Windows-based workflow automation and case management application that integrates with CrowdStrike Falcon APIs to streamline security operations and incident response processes.
An endpoint monitoring tool for Linux and macOS that reports file, socket, and process events to Zeek.
An endpoint monitoring tool for Linux and macOS that reports file, socket, and process events to Zeek.
Endpoint security platform using Moving Target Defense to prevent cyber attacks and provide adaptive exposure management and threat prevention.
Endpoint security platform using Moving Target Defense to prevent cyber attacks and provide adaptive exposure management and threat prevention.
AI-driven XDR platform for endpoint security with threat prevention and detection
AI-driven XDR platform for endpoint security with threat prevention and detection
Powershell Threat Hunting Module for scanning remote endpoints and collecting comprehensive information.
Powershell Threat Hunting Module for scanning remote endpoints and collecting comprehensive information.
Automated DFIR platform for rapid incident investigation and endpoint triage
Automated DFIR platform for rapid incident investigation and endpoint triage
A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.
A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.
A multi-platform open source tool for triaging suspect systems and hunting for Indicators of Compromise (IOCs) across thousands of endpoints.
A multi-platform open source tool for triaging suspect systems and hunting for Indicators of Compromise (IOCs) across thousands of endpoints.
A free endpoint security tool for host investigative capabilities to find signs of malicious activity through memory and file analysis.
A free endpoint security tool for host investigative capabilities to find signs of malicious activity through memory and file analysis.
YARA-Endpoint is a client-server architecture tool that can be used for endpoint protection and incident response.
YARA-Endpoint is a client-server architecture tool that can be used for endpoint protection and incident response.
A process scanning tool that detects and dumps malicious implants, shellcodes, hooks, and memory patches in running processes.
A process scanning tool that detects and dumps malicious implants, shellcodes, hooks, and memory patches in running processes.
NECOMA focuses on data collection, threat analysis, and developing new cyberdefense mechanisms to protect infrastructure and endpoints.
NECOMA focuses on data collection, threat analysis, and developing new cyberdefense mechanisms to protect infrastructure and endpoints.
Do Not Disturb is a free open-source macOS security tool that detects unauthorized physical access to laptops.
Do Not Disturb is a free open-source macOS security tool that detects unauthorized physical access to laptops.
Firejail is a Linux sandbox program that isolates untrusted applications using kernel namespaces, seccomp-bpf, and capabilities to reduce security breach risks.
Firejail is a Linux sandbox program that isolates untrusted applications using kernel namespaces, seccomp-bpf, and capabilities to reduce security breach risks.
The Trystero Project is a threat intelligence platform that measures email security efficacy and provides various tools and resources, while VMware Carbon Black offers endpoint protection and workload security solutions.
The Trystero Project is a threat intelligence platform that measures email security efficacy and provides various tools and resources, while VMware Carbon Black offers endpoint protection and workload security solutions.
A repository containing scripts and configuration files to help administrators implement Microsoft AppLocker for application whitelisting based on NSA security guidelines.
A repository containing scripts and configuration files to help administrators implement Microsoft AppLocker for application whitelisting based on NSA security guidelines.
Fleet is an open-source endpoint management platform that provides device management, vulnerability reporting, and security monitoring capabilities for IT and security teams managing large computer environments.
Fleet is an open-source endpoint management platform that provides device management, vulnerability reporting, and security monitoring capabilities for IT and security teams managing large computer environments.
