Doorman Logo

Doorman

0
Free
Visit Website

Doorman is an osquery fleet manager that allows administrators to remotely manage the osquery configurations retrieved by nodes. Administrators can dynamically configure the set of packs, queries, and/or file integrity monitoring target paths using tags. Doorman takes advantage of osquery's TLS configuration, logger, and distributed read/write endpoints, to give administrators visibility across a fleet of devices with minimal overhead and intrusiveness. At a glance, Doorman makes extensive use of tags. A node's configuration is dependent on the tags it shares with packs, queries, and/or file paths. As tags are added and/or removed, a node's configuration will change. For example, it's possible to assign a set of packs and queries a baseline tag. To ensure all nodes then receive this baseline configuration, you simply assign the baseline tag to the nodes you wish to include. State of the node: Click on any node to view its recent activity, original enrollment date, time of its last check-in, and the set of packs and queries that are configured for it. This view provides an 'at-a-glance' view on the current state of a node. Distributed queries: With Doorman, you can distribute a

FEATURES

ALTERNATIVES

Track postMessage usage with this Chrome Extension

Open-source tool for monitoring macOS hosts with detailed system activity insights.

Kunai is a Linux-based system monitoring tool that provides real-time monitoring and threat hunting capabilities.

CrowdStrike Falcon Insight XDR is an AI-powered endpoint detection and response solution that provides comprehensive protection, visibility, and automated response capabilities.

GravityZone is a unified endpoint security and analytics platform that provides risk assessment, threat prevention, and incident response capabilities.

Comprehensive endpoint security solution providing proactive defenses, remediation tools, and centralized management to prevent threats and ensure uptime.

Monitor WMI consumers and processes for potential malicious activity

Microsoft Defender for Endpoint is a comprehensive endpoint security solution that provides industry-leading, multi-platform detection and response capabilities.