
Auditd Configuration Best Practices

Free

The idea of this auditd configuration is to provide a basic configuration that works out-of-the-box on all major Linux distributions, fits most use cases, produces a reasonable amount of log data, covers security-relevant activity, and is easy to read with different sections and many comments. Sources: Gov.uk auditd rules, alphagov/puppet-auditd#1, CentOS 7 hardening, Linux audit repo, Auditd high-performance Linux auditing. Further rules for PCI DSS compliance and NISPOM compliance are available.

ALTERNATIVES

Dispatch helps manage security incidents by integrating with existing tools and automating incident response tasks.

A collection of incident response methodologies for various security incidents, providing easy-to-use operational best practices.

AWS Community repository of custom Config rules with instructions for leveraging and developing AWS Config Rules.

Receive important notifications and updates related to North American electric grid security.

CrowdStrike Falcon Orchestrator is a Windows-based application for workflow automation and security response.

Stronghold is the easiest way to securely configure your Mac.

Open-source security automation platform for automating security alerts and building AI-assisted workflows.

A standardized framework for describing and classifying cybersecurity incidents.