DEPRECATED - MozDef: Mozilla Enterprise Defense Platform
Перейти к файлу
Jeff Bryner 95d231534f cleanup init/destroy attackers three.js objects and move blockIP to modal in the attackers screen 2014-07-20 21:29:54 -07:00
benchmarking averez-19-samples: move json2Mozdef.py to /benchmarking/workers/ 2014-04-22 09:15:41 -07:00
bot remove bot coloring for mozdef keyword 2014-06-12 16:08:20 -07:00
cron ensure alerts has a utcepoch index for constant last event querying 2014-07-18 14:12:36 -07:00
docker averez-docker-settings: add settings.js in conf/ to be able to adapt it and fix ipwhois crazy dep bug 2014-07-11 15:08:02 -07:00
docs 127.0.0.1->localhost to match persona for login 2014-07-11 09:24:19 -07:00
examples averez-xionox-fixes: don't analyze details.program 2014-06-27 19:30:18 -07:00
initscripts init script for da bot 2014-05-02 09:30:28 -07:00
lib bugfix missing initial field 2014-07-01 11:32:14 -07:00
loginput add application parameter 2014-06-03 09:29:49 -07:00
logs [meteor] gitignore and bug fix when empty ES 2014-03-07 10:25:54 -08:00
meteor cleanup init/destroy attackers three.js objects and move blockIP to modal in the attackers screen 2014-07-20 21:29:54 -07:00
mq improve logic and ipv4 finding 2014-07-03 08:47:51 -07:00
rest add dshield IP lookup, zindex the ip menus 2014-07-18 13:55:17 -07:00
utils netantho-105-ttl: refactor setupIndexTemplates.py and es-docs/inject.py to use a common module 2014-05-20 11:28:07 -07:00
.gitignore netantho-105-ttl: refactor setupIndexTemplates.py and es-docs/inject.py to use a common module 2014-05-20 11:28:07 -07:00
.gitmodules Use the submodule for the mozdef python client lib 2014-04-02 11:34:39 -07:00
CONTRIBUTING.md averez-issue-23-contributing: add CONTRIBUTING.md 2014-04-14 08:53:42 -07:00
LICENSE Updated license file to conform with MPL 2014-02-25 09:55:02 -08:00
README.md add read the docs link 2014-03-23 13:06:38 -07:00
analyze_code.sh averez-22-license: Fix license stuff (Closes #22) 2014-04-16 11:40:15 -07:00
requirements.txt averez-docker-settings: add settings.js in conf/ to be able to adapt it and fix ipwhois crazy dep bug 2014-07-11 15:08:02 -07:00

README.md

===================================== MozDef: The Mozilla Defense Platform

Why?

The inspiration for MozDef comes from the large arsenal of tools available to attackers. Suites like metasploit, armitage, lair, dradis and others are readily available to help attackers coordinate, share intelligence and finely tune their attacks in real time. Defenders are usually limited to wikis, ticketing systems and manual tracking databases attached to the end of a Security Information Event Management (SIEM) system.

The Mozilla Defense Platform (MozDef) seeks to automate the security incident handling process and facilitate the real-time activities of incident handlers.

Goals:

  • Provide a platform for use by defenders to rapidly discover and respond to security incidents.
  • Automate interfaces to other systems like bunker, banhammer, mig
  • Provide metrics for security events and incidents
  • Facilitate real-time collaboration amongst incident handlers
  • Facilitate repeatable, predictable processes for incident handling
  • Go beyond traditional SIEM systems in automating incident handling, information sharing, workflow, metrics and response automation

Status:

MozDef is in early proof of concept phases at Mozilla.

DOCS:

http://mozdef.readthedocs.org/en/latest/