Utility Instruments
Workhorses for the various cyber security related tasks, like detection, traffic capture, asset tracking and more.
Cowrie Instrument
Cowrie is a medium to high interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed by the attacker. In medium interaction mode (shell) it emulates a UNIX system.
Datasheet »Rule Importer
Tool for importing, generating and deploying Suricata rules from packaged rule sets and blacklisted addresses.
Datasheet »Netflow Instrument
Netflow passively listens for network traffic and stores the traffic flows in Cisco NetFlow format.
Datasheet »SensorFleet IDS Rule Manager
Advanced features to be used on top of IDS engines, such as automatic ruleset updating, event stream viewer, etc.
Datasheet »Suricata IDS
Suricata IDS is a network threat detection engine. The integration to SensorFleet solution allows easily deployable and manageable intrusion detection.
Datasheet »Traffic Recorder
Captures network traffic to disk and provides indexing and searching capabilities through Moloch software.
Datasheet »TrafficGuard Management
Traffic Guard Manager gathers the identities reported by TrafficGuard Probe and creates events based on identity changes.
Datasheet »TrafficGuard Probe
Traffic Guard Probe is the lower level network probe that delivers identities to TrafficGuard Manager.
Datasheet »PassiveDNS
PassiveDNS can be used to store information from DNS requests and uses that stored information to augment other events.
Datasheet »Platform Instruments
Modules providing services for the other Instruments. With the exception of core platform, we are using the Instrument architecture for platform services in order to maximise containment and isolation for different functionalities.
Capture Engine
Capture Engine redistributes packets from physical interface to mirror-bridge interface(s).
Datasheet »Downloader
Downloader is helper Instrument providing other Instruments the ability to download resources outside the Sensor.
Datasheet »