chitin_security
| Crates.io | chitin_security |
| lib.rs | chitin_security |
| version | 0.0.1 |
| source | src |
| created_at | 2020-11-17 22:40:51.490016 |
| updated_at | 2020-11-18 00:27:37.417179 |
| description | Placeholder for Chitin Security. Chitin Security is a project that aims to make a truly open source and free SIEM/EDR/SOAR combination with Rust that is Secure and correct. |
| homepage | |
| repository | |
| max_upload_size | |
| id | 313431 |
| size | 39,756 |
(Tsora-Pop)
documentation
README
Chitin Security
Chitin Security is a project that aims to make a truly open source and free SIEM/EDR/SOAR combination with Rust that is Secure and correct. Only pay for swag and detections on Patreon.
Features
With Endpoint agents on Windows 10+, Mac10.15, Linux (Ubuntu, CentOS)
Dashboards
Visualize correlations of events to create details views of attack vectors from Endpoint, Network, Cloud, etc
Threat Metrics
Analytics
Reports
Action Center
Incident Management
Cases, Incidents, Alerts, Report IP
Hunt
Investigate, Custom Detections, Active Defense (Locked to select personnel, Honey)
Custom Detections
Detection management for in house detection creation and categorization
Customer Management
Get a look inside any environment you are protecting, whether it be your own or others. Software/hardware inventory management
Inventory
Hardware Inventory Software Inventory
Flows
Orchestrate, Automate, and Respond if/then playbooks. create tickets, create cases, isolate, ban, deactivate account, prompt a terminal, file quarantine, report IPs, report to cloud host providers
Manage Flows
Third Party Application for Flows
Apps
Cyberchef, Sigma, OSQuery, GRR, The Hive
Security Management
Security Testing
Scanning, Penetration Tests Not only will all scanning devices now be appropriately labeled so as to not cause FP, but this will also include reports for them once I know their job better Scanning - Scan reports based on logs, False Positive report submit,
Vulnerability Management
Priority critical patches, then Red Team, then Penetration Test fixes, then scan fixes, then all others
Adversary Emulation
Atomic Red Team and Caldera management
News
Threat Actor Summaries
MITRE ATT&CK Threat Actors that can be sorted and displayed using various filters
RSS Feed
Twitter Feed
Internal Intel
Area for the Intelligence Team to work out of. tbd
Collaboration channel with others with Chitin Security
Tread carefully here, thinking of features later
Account Management
Settings
Feedback
Common questions your customers ask of you that this platform does not easily provide, issues and bugs, etc