Doorman
0
Free
Doorman is an osquery fleet manager that allows administrators to remotely manage the osquery configurations retrieved by nodes. Administrators can dynamically configure the set of packs, queries, and/or file integrity monitoring target paths using tags. Doorman takes advantage of osquery's TLS configuration, logger, and distributed read/write endpoints, to give administrators visibility across a fleet of devices with minimal overhead and intrusiveness. At a glance, Doorman makes extensive use of tags. A node's configuration is dependent on the tags it shares with packs, queries, and/or file paths. As tags are added and/or removed, a node's configuration will change. For example, it's possible to assign a set of packs and queries a baseline tag. To ensure all nodes then receive this baseline configuration, you simply assign the baseline tag to the nodes you wish to include. State of the node: Click on any node to view its recent activity, original enrollment date, time of its last check-in, and the set of packs and queries that are configured for it. This view provides an 'at-a-glance' view on the current state of a node. Distributed queries: With Doorman, you can distribute a
FEATURES
The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.
ALTERNATIVES
Powerfully simple endpoint security solution that takes down threats without interrupting business.
Commercial
Advanced malware scanning and removal tool that detects and removes various types of malware and offers additional protection with HitmanPro.Alert.
Commercial
An alternative to the auditd daemon with goals of safety, speed, JSON output, and pluggable pipelines connecting to the Linux kernel via netlink.
A Python library for loading and executing Beacon Object Files (BOFs) in-memory.
A free, fast, and flexible multi-platform IOC and YARA scanner for Windows, Linux, and macOS.
The official security guide for Red Hat Enterprise Linux 7, providing detailed information on securing the operating system.
Advanced Endpoint Protection is a complete endpoint protection platform that provides advanced threat protection against ransomware, data breaches, and malware.
Commercial
Comprehensive business security suite with enhanced features to protect against malware, phishing, and advanced threats.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security