Doorman Logo

Doorman

0
Free
Visit Website

Doorman is an osquery fleet manager that allows administrators to remotely manage the osquery configurations retrieved by nodes. Administrators can dynamically configure the set of packs, queries, and/or file integrity monitoring target paths using tags. Doorman takes advantage of osquery's TLS configuration, logger, and distributed read/write endpoints, to give administrators visibility across a fleet of devices with minimal overhead and intrusiveness. At a glance, Doorman makes extensive use of tags. A node's configuration is dependent on the tags it shares with packs, queries, and/or file paths. As tags are added and/or removed, a node's configuration will change. For example, it's possible to assign a set of packs and queries a baseline tag. To ensure all nodes then receive this baseline configuration, you simply assign the baseline tag to the nodes you wish to include. State of the node: Click on any node to view its recent activity, original enrollment date, time of its last check-in, and the set of packs and queries that are configured for it. This view provides an 'at-a-glance' view on the current state of a node. Distributed queries: With Doorman, you can distribute a

FEATURES

ALTERNATIVES

A software tool that enhances visibility and control over application activities on a user's computer, helping to identify and prevent potential security threats.

A guide to implementing Microsoft AppLocker for application whitelisting

A single cybersecurity platform that provides holistic security management, prevention, detection, and response capabilities powered by AI and threat intelligence, designed to simplify and converge security operations in diverse hybrid IT environments.

A static analysis framework for extracting key characteristics from various file formats

Emsisoft Enterprise Security + EDR provides robust and proven endpoint security for organizations of all sizes with layered protection and a cloud-based management console.

Cisco Secure Endpoint is a cloud-native endpoint security solution that provides advanced protection and response to threats.

YARA-Endpoint is a client-server architecture tool that can be used for endpoint protection and incident response.

A collection of utilities for working with USB devices on Linux