Instruments
Workhorses for the various cyber security related tasks, like detection, traffic capture, asset tracking and more.
Exposure monitoring
PortDiff
Periodic and automated port scanning to detect exposed services, such as file shares, databases, remote management etc.
Read moreTraffic Guard
Automated inventory of the network's assets and alerting about the unexpected assets entering the network.
Read moreAttack and lateral movement detection
Cowrie Honeypot
Detects lateral movement such as unexpected SSH/Telnet login attempts and file transfers.
Read moreSuricata IDS
Widely used IDS engine with curated IoC feed for detecting the malicious activity, such as Command and Control connections, in the network.
Read moreZeek
Versatile network security monitoring engine that creates analyst friendly activity logs.
Read moreForensics and threat hunting
Traffic Recorder
Captures and stores traffic for forensic analysis. Supports both full traffic recording and alert based capture.
Read moreNetflow
Collects traffic flow information in storage optimized fashion for forensic and troubleshooting purposes.
Read morePassiveDNS
Builds a database of DNS queries and replies. Can be searched for threat hunting and automatically augments other events, such as IDS alerts.
Read moreTraffic Replay
Can be used to replay traffic captured to a pcap file. Using Traffic Replay allows the use of Instruments like Suricata or Zeek IDS, Passive DNS, Netflow or Traffic Recorder to analyze contents of captured traffic instead of live traffic.
Read moreSpecial purpose
Beacon
SensorFu Beacon tries to escape from restricted networks and reports any leaks to SensorFu Home.
Read moreLog Forwarder
Log Forwarder Instrument collects and forwards log and event data by integrating Logstash open source log/event pipeline engine into the SensorFleet platform.
Read moreSensorFleet IDS Rule Manager
IDS rule manager for Suricata and Zeek Instruments. Allows importing, updating, editing and deploying rulesets to all IDS Instruments on fabric.
Read more