Utility Instruments
Workhorses for the various cyber security related tasks, like detection, traffic capture, asset tracking and more.
PassiveDNS
PassiveDNS can be used to store information from DNS requests and uses that stored information to augment other events.
Datasheet »SensorFleet IDS Rule Manager
Advanced features to be used on top of IDS engines, such as automatic ruleset updating, event stream viewer, etc.
Datasheet »TrafficGuard Probe
Traffic Guard Probe is the lower level network probe that delivers identities to TrafficGuard Manager.
Datasheet »Beacon
Integrates SensorFu Beacon as SensorFleet instrument. For more information see https://www.sensorfu.com/
Datasheet »TrafficGuard Management
Traffic Guard Manager gathers the identities reported by TrafficGuard Probe and creates events based on identity changes.
Datasheet »Rule Importer
Tool for importing, generating and deploying Suricata rules from packaged rule sets and blacklisted addresses.
Datasheet »Suricata IDS
Suricata IDS is a network threat detection engine. The integration to SensorFleet solution allows easily deployable and manageable intrusion detection.
Datasheet »Netflow Instrument
Netflow passively listens for network traffic and stores the traffic flows in Cisco NetFlow format.
Datasheet »Log Forwarder
Log Forwarder Instrument collects and forwards log and event data by integrating Logstash open source log/event pipeline engine into the SensorFleet platform.
Datasheet »Traffic Recorder
Captures network traffic to disk and provides indexing and searching capabilities through Moloch software.
Datasheet »Replay
Replay Instrument can be used to replay traffic captured to pcap file. Using Replay Instrument allows to use instruments like Suricata or Zeek IDS, Passive DNS, Netflow or Recorder to analyze contents of captured traffic instead of live traffic.
Datasheet »Cowrie Honeypot
Cowrie is a medium to high interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed by the attacker. In medium interaction mode (shell) it emulates a UNIX system.
Datasheet »Platform Instruments
Modules providing services for the other Instruments. With the exception of core platform, we are using the Instrument architecture for platform services in order to maximise containment and isolation for different functionalities.
Capture Engine
Capture Engine redistributes packets from physical interface to mirror-bridge interface(s).
Datasheet »Downloader
Downloader is helper Instrument providing other Instruments the ability to download resources outside the Sensor.
Datasheet »