Workhorses for various cyber security tasks, such as detection, traffic capture, asset tracking and more.
Integrates SensorFu Beacon as a SensorFleet instrument. For more information see https://www.sensorfu.com/
Captures network traffic to disk and provides indexing and searching capabilities through Moloch software.
Cowrie is a medium to high interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed by the attacker. In medium interaction mode (shell) it emulates a UNIX system.
Tool for importing, generating and deploying Suricata rules from packaged rule sets and blacklisted addresses.
Netflow passively listens for network traffic and stores the traffic flows in Cisco NetFlow format.
SensorFleet IDS Rule Manager
Advanced features to be used on top of IDS engines, such as automatic ruleset updating, event stream viewer, etc.
Suricata IDS is a network threat detection engine. The integration with the SensorFleet solution makes intrusion detection easy to deploy and manage.
The Zeek instrument integrates Zeek, an open source network analysis framework.
Traffic Guard Manager gathers the identities reported by TrafficGuard Probe and creates events based on identity changes.
Traffic Guard Probe is the lower level network probe that delivers identities to TrafficGuard Manager.
Monitor open services on hosts and report network changes as events.
PassiveDNS stores information from DNS requests and uses that stored information to augment other events.
Modules providing services for the other Instruments. With the exception of the core platform, we use the Instrument architecture for platform services in order to maximise containment and isolation between different functionalities.