DEPRECATED - MozDef: Mozilla Enterprise Defense Platform

abandoned elasticsearch elk elk-stack python security siem unmaintained

Перейти к файлу

Anthony Verez 94b9664125 averez-mig-bugfix: Reverse list to process old compliance checks first, older later		2014-06-26 12:14:08 -07:00
benchmarking	averez-19-samples: move json2Mozdef.py to /benchmarking/workers/	2014-04-22 09:15:41 -07:00
bot	remove bot coloring for mozdef keyword	2014-06-12 16:08:20 -07:00
cron	averez-mig-bugfix: Reverse list to process old compliance checks first, older later	2014-06-26 12:14:08 -07:00
docker	averez-esworker-fix: restore github repo for docker config	2014-05-06 17:08:50 -07:00
docs	Merge pull request #110 from BjornArnelid/master	2014-05-30 22:37:02 -07:00
examples	averez-mapping-raw-host: .raw for details.hostname and auditd mapping	2014-06-10 15:55:58 -07:00
initscripts	init script for da bot	2014-05-02 09:30:28 -07:00
lib	pep8 improvements, moar kang credits, don't log long error messages	2014-05-01 12:57:24 -07:00
loginput	add application parameter	2014-06-03 09:29:49 -07:00
logs	[meteor] gitignore and bug fix when empty ES	2014-03-07 10:25:54 -08:00
meteor	formatting changes for health/about screen	2014-06-17 09:02:01 -07:00
mq	add option to run mq in no_ack, transient delivery mode	2014-06-18 14:32:33 -07:00
rest	averez-27-dashboards-listing: use config file for settings for kibana urls	2014-04-17 11:53:09 -07:00
utils	netantho-105-ttl: refactor setupIndexTemplates.py and es-docs/inject.py to use a common module	2014-05-20 11:28:07 -07:00
.gitignore	netantho-105-ttl: refactor setupIndexTemplates.py and es-docs/inject.py to use a common module	2014-05-20 11:28:07 -07:00
.gitmodules	Use the submodule for the mozdef python client lib	2014-04-02 11:34:39 -07:00
CONTRIBUTING.md	averez-issue-23-contributing: add CONTRIBUTING.md	2014-04-14 08:53:42 -07:00
LICENSE	Updated license file to conform with MPL	2014-02-25 09:55:02 -08:00
README.md	add read the docs link	2014-03-23 13:06:38 -07:00
analyze_code.sh	averez-22-license: Fix license stuff (Closes #22 )	2014-04-16 11:40:15 -07:00
requirements.txt	averez-requirements: oops, remove duplicate requirements	2014-05-05 11:11:52 -07:00

README.md

===================================== MozDef: The Mozilla Defense Platform

Why?

The inspiration for MozDef comes from the large arsenal of tools available to attackers. Suites like metasploit, armitage, lair, dradis and others are readily available to help attackers coordinate, share intelligence and finely tune their attacks in real time. Defenders are usually limited to wikis, ticketing systems and manual tracking databases attached to the end of a Security Information Event Management (SIEM) system.

The Mozilla Defense Platform (MozDef) seeks to automate the security incident handling process and facilitate the real-time activities of incident handlers.

Goals:

Provide a platform for use by defenders to rapidly discover and respond to security incidents.
Automate interfaces to other systems like bunker, banhammer, mig
Provide metrics for security events and incidents
Facilitate real-time collaboration amongst incident handlers
Facilitate repeatable, predictable processes for incident handling
Go beyond traditional SIEM systems in automating incident handling, information sharing, workflow, metrics and response automation

Status:

MozDef is in early proof of concept phases at Mozilla.

DOCS:

http://mozdef.readthedocs.org/en/latest/