2 releases

| Version | Released |
|---|---|
| 0.0.1 | Nov 18, 2020 |
| 0.0.0 | Nov 17, 2020 |
Chitin Security
Chitin Security is a project that aims to build a truly open source and free SIEM/EDR/SOAR combination in Rust that is secure and correct. The only things you pay for are swag and detections on Patreon.
Features
Endpoint agents for Windows 10+, macOS 10.15, and Linux (Ubuntu, CentOS)
Dashboards
Visualize correlations of events to create detailed views of attack vectors from endpoint, network, cloud, etc.
Threat Metrics
Analytics
Reports
Action Center
Incident Management
Cases, Incidents, Alerts, Report IP
Hunt
Investigate, Custom Detections, Active Defense (Locked to select personnel, Honey)
Custom Detections
Detection management for in-house detection creation and categorization
Customer Management
Get a look inside any environment you are protecting, whether it be your own or others'. Software/hardware inventory management.
Inventory
Hardware Inventory, Software Inventory
Flows
Orchestrate, automate, and respond with if/then playbooks: create tickets, create cases, isolate, ban, deactivate account, prompt a terminal, file quarantine, report IPs, report to cloud host providers
Manage Flows
Third Party Application for Flows
Apps
Cyberchef, Sigma, OSQuery, GRR, The Hive
Security Management
Security Testing
Scanning, Penetration Tests
Not only will all scanning devices now be appropriately labeled so as to not cause false positives (FP), but this will also include reports for them once I know their job better.
Scanning - Scan reports based on logs, False Positive report submit,
Vulnerability Management
Prioritize critical patches, then Red Team, then Penetration Test fixes, then scan fixes, then all others
Adversary Emulation
Atomic Red Team and Caldera management
News
Threat Actor Summaries
MITRE ATT&CK Threat Actors that can be sorted and displayed using various filters
RSS Feed
Twitter Feed
Internal Intel
Area for the Intelligence Team to work out of. TBD.
Collaboration channel with others with Chitin Security
Tread carefully here, thinking of features later
Account Management
Settings
Feedback
Common questions your customers ask of you that this platform does not easily provide, issues and bugs, etc.