Doorman
Doorman is an osquery fleet manager that allows administrators to remotely manage the osquery configurations retrieved by nodes. Administrators can dynamically configure the set of packs, queries, and/or file integrity monitoring target paths using tags. Doorman takes advantage of osquery's TLS configuration, logger, and distributed read/write endpoints, to give administrators visibility across a fleet of devices with minimal overhead and intrusiveness. At a glance, Doorman makes extensive use of tags. A node's configuration is dependent on the tags it shares with packs, queries, and/or file paths. As tags are added and/or removed, a node's configuration will change. For example, it's possible to assign a set of packs and queries a baseline tag. To ensure all nodes then receive this baseline configuration, you simply assign the baseline tag to the nodes you wish to include. State of the node: Click on any node to view its recent activity, original enrollment date, time of its last check-in, and the set of packs and queries that are configured for it. This view provides an 'at-a-glance' view on the current state of a node. Distributed queries: With Doorman, you can distribute a
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A simple ransomware protection that intercepts and kills malicious processes attempting to delete shadow copies using vssadmin.exe.
Deep Instinct is a predictive prevention platform that uses deep learning to prevent unknown threats, including ransomware and zero-day malware, from infiltrating storage environments, applications, and endpoints.
Cortex XDR is a comprehensive endpoint security solution that blocks advanced attacks with behavioral threat protection, AI, and cloud-based analysis, and provides complete endpoint security and lightning-fast investigation and response.
A comprehensive utility that shows what programs are configured to run during system bootup or login, and when you start various built-in Windows applications.
A robust endpoint security solution that offers data security, network security, and advanced threat prevention, all managed from a single console to protect your devices and data.
Symantec Enterprise Cloud provides comprehensive cybersecurity for large enterprises, with a focus on data-centric hybrid security and innovation in threat and data protection.
Powerfully simple endpoint security solution that takes down threats without interrupting business.
A free endpoint security tool for host investigative capabilities to find signs of malicious activity through memory and file analysis.
A static analysis framework for extracting key characteristics from various file formats
PINNED
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.