go-audit
About go-audit is an alternative to the auditd daemon that ships with many distros. After having created an auditd audisp plugin to convert audit logs to json, I became interested in creating a replacement for the existing daemon. Goals: - Safe: Written in a modern language that is type safe and performant - Fast: Never ever ever ever block if we can avoid it - Outputs json: Yay - Pluggable pipelines: Can write to syslog, local file, Graylog2, or stdout. Additional outputs are easily written. Connects to the Linux kernel via netlink. Usage: - Installation: Install golang, version 1.14 or greater is required. Clone the repo, build the binary, and copy the binary go-audit to wherever you'd like. - Testing: Run unit test suite, code coverage results, benchmark test suite, benchmark test suite with CPU profiling, and benchmark test suite with CPU profiling and GC collection. - Running as a service: Check the contrib folder, it contains examples for how to run go-audit as a proper service on.
FEATURES
ALTERNATIVES
A guide to implementing Microsoft AppLocker for application whitelisting
Xcitium's unified zero-trust platform secures endpoints to cloud workloads using patented Zero Dwell technology, providing complete protection from ransomware and malware infections.
All-in-one protection solution for individuals and families, offering antivirus, VPN, identity, and privacy protection.
A tool for monitoring and managing device compliance and security across multiple platforms
Sophos Intercept X Endpoint is a comprehensive endpoint security solution that provides unparalleled protection against advanced attacks, ransomware, and data loss.
An endpoint monitoring tool for Linux and macOS that reports file, socket, and process events to Zeek.
A static analysis framework for extracting key characteristics from various file formats
A Python library for loading and executing Beacon Object Files (BOFs) in-memory.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Kriptos
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.