This auditd configuration aims to provide a basic rule set that works out of the box on all major Linux distributions, fits most use cases, produces a reasonable amount of log data, covers security-relevant activity, and is easy to read, with distinct sections and many comments. Sources: Gov.uk auditd rules, alphagov/puppet-auditd#1, CentOS 7 hardening, Linux audit repo, Auditd high-performance Linux auditing. Further rules for PCI DSS compliance and NISPOM compliance are available.
Anomali is an AI-Powered Security Operations Platform that delivers speed, scale, and performance at a reduced cost, combining ETL, SIEM, XDR, SOAR, and TIP to detect, investigate, respond, and remediate threats.
A Serverless Security Orchestration Automation and Response (SOAR) Framework for AWS GuardDuty with various supported actions.
Templates for incident response run-books tailored for AWS environments based on NIST guidelines.
Repository of templates for Ayehu's workflows with the ability to design, execute, and automate IT and business processes.
A collection of Cyber Incident Response Playbook Battle Cards (PBC) for combating cyber threats and attacks, following a prescriptive approach inspired by CERT Societe Generale's IRM.
Incident response and digital forensics tool for transforming data sources and logs into graphs.
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.