DEPRECATED - MozDef: Mozilla Enterprise Defense Platform
Перейти к файлу
Brandon Myers d7d4dd1cd8
Add decom notice to readme (#1727)
2021-11-02 11:41:59 -05:00
.github/workflows Fix tests in github actions (#1707) 2021-03-11 10:27:36 -06:00
alerts Update ssh releng alert to take new event format into consideration (#1719) 2021-06-10 12:08:27 -05:00
bot Rename ircchannel to channel (#1652) 2020-07-06 12:57:02 -05:00
cloudy_mozdef Remove unused alerts (#1625) 2020-05-08 13:37:21 -05:00
config Update install docs for nginx 2020-01-03 12:12:35 -06:00
cron Remove uptycs data source (#1721) 2021-06-16 13:49:44 -05:00
docker Add healthchecks (#1689) 2020-10-22 20:57:34 -05:00
docs docs: fix simple typo, somehwere -> somewhere (#1697) 2021-03-10 17:18:30 -06:00
loginput
meteor Remove bcrypt from meteor package (#1684) 2020-09-14 13:56:30 -05:00
mozdef_util Bump pip from 18.1 to 19.2 in /mozdef_util (#1718) 2021-06-11 14:25:17 -05:00
mq Remove uptycs data source (#1721) 2021-06-16 13:49:44 -05:00
rest Add more comments to ipblocklist message (#1712) 2021-04-12 12:18:42 -05:00
scripts Fix broken Discover module in Kibana with alerts index patterns (#1687) 2020-10-22 20:56:47 -05:00
static
systemdfiles Update meteor files for manual installation docs 2020-01-03 12:15:55 -06:00
tests Update ssh releng alert to take new event format into consideration (#1719) 2021-06-10 12:08:27 -05:00
.flake8 Give endpoint methods unique names (#1694) 2021-03-10 17:33:26 -06:00
.gitignore
CHANGELOG.md
CODE_OF_CONDUCT.md
CONTRIBUTING.md
LICENSE
Makefile Fix tests in github actions (#1707) 2021-03-11 10:27:36 -06:00
README.md Add decom notice to readme (#1727) 2021-11-02 11:41:59 -05:00
requirements.txt Bump bottle from 0.12.4 to 0.12.19 (#1711) 2021-06-16 13:48:21 -05:00

README.md

Tests Documentation Status

MozDef: LOGO

⚠️ Deprecation Notice ⚠️

Mozilla is no longer maintaining the Mozilla Enterprise Defense Platform (MozDef) project.

Please fork it to continue development.

Documentation:

https://mozdef.readthedocs.org/en/latest/

Give MozDef a Try in AWS:

The following button will launch the Mozilla Enterprise Defense Platform in your AWS account.

Warning: Pressing the "Launch Stack" button and following through with the deployment will incur charges to your AWS account.

Launch MozDef

Why?

The inspiration for MozDef comes from the large arsenal of tools available to attackers. Suites like metasploit, armitage, lair, dradis and others are readily available to help attackers coordinate, share intelligence and finely tune their attacks in real time. Defenders are usually limited to wikis, ticketing systems and manual tracking databases attached to the end of a Security Information Event Management (SIEM) system.

The Mozilla Enterprise Defense Platform (MozDef) seeks to automate the security incident handling process and facilitate the real-time activities of incident handlers.

Goals:

  • Provide a platform for use by defenders to rapidly discover and respond to security incidents
  • Automate interfaces to other systems like bunker, cymon, mig
  • Provide metrics for security events and incidents
  • Facilitate real-time collaboration amongst incident handlers
  • Facilitate repeatable, predictable processes for incident handling
  • Go beyond traditional SIEM systems in automating incident handling, information sharing, workflow, metrics and response automation

Status:

MozDef is in production at Mozilla where we are using it to process over 300 million events per day.