The top ten open source security tools to count the Internet giants ' dedication [turn]

Excerpt from the Red and Black Alliance, original link: http://www.2cto.com/Article/201411/355461.html

Large Internet companies such as Facebook are pushing servers that are similar to open source projects for data centers and big data tools, and when large internet companies are challenged by the ability of technology vendors to operate on ultra-large infrastructure operations, the Giants choose his new to be the catalyst and provider of innovative technology. The same situation is happening in the field of information security. Many large internet companies often open up the top security tools they have developed to promote the security of the entire Internet.

Earlier this month, security New Zeng introduced Google's Open source Web security testing tool firing Range, Nogofail, and Facebook's open source osquery.

In fact, not only does Google, Facebook, including Netflix and even Etsy.com, have contributed to the high-quality open source security tools.

The following safety cattle for everyone to summarize the top ten internet giants open source security tools for your collection reference:

Safety Monkey Security Monkey

"Safe Monkey" is a security tool that Netflix developed three years ago to monitor and secure the configuration of Amazon Cloud services, including monitoring various AWS account components, development and execution of opportunity rules, and notifying users when audit rules are triggered. and store the configuration history information for electronic forensics and auditing purposes.

Second, Osquery

Osquery is a security tool that Facebook has just released, providing security professionals with a system to invoke the functionality of the underlying operating system, such as starting a process, loading a kernel module, opening a network connection in a SQL database table, querying and monitoring.

Third, Skyline

Skyline is a nagios-like real-time anomaly detection system developed by the e-commerce website Etsy technical team, primarily to provide a scalable, passive monitoring indicator system for security teams that can track hundreds of thousands of metrics at the same time.

Iv. MIDAS

Midas is a lightweight and scalable intrusion detection system developed by Etsy and the Facebook security team for Mac computers. The development team wanted to start with Midas, and the company began to pay attention to the common attack patterns of OSX system endpoints.

Wu, Secureheaders

Secureheaders is a gift from Twitter to Web developers as a Web security development tool that Secureheaders automatically enforces security-related header rules, including Content security Policy (CSP), to prevent attacks such as XSS, HSTs, etc. Prevent fire sheep (firesheep) attacks as well as XFO click Hijacking and so on.

VI, Google Rapid Response

GRR (Google Rapid Response) is a time-response framework developed by Google to support remote real-time forensics. Google will share grr with the security community as an open source tool, and can serve as a replacement for Fireeye/mandiant's Mir incident response platform.

VII, SCUMBLR and sketchy

Scumblr and sketchy are the two Web apps that Netflix released this summer to help security teams monitor and record security threats and attacks in social media and online chats.

Eight, conceal

Conceal is a simple set of Java APIs for the Android platform that enables fast encryption and authentication of large files in common storage devices such as SD cards. Conceal is designed by Facebook, and developers can use conceal to develop an encryption algorithm that works with older versions of Android and with lower processor overhead.

Nine, Rappor

Rappor (Randomized aggregatable privacy-preserving Ordinal Response) is a privacy tool released by Google last month that collects crowdsourcing statistics from end-user software without violating user privacy.

Ten, Moloch

Developed by AOL's technical team, Moloch is a network traffic analysis forensics tool capable of capturing IPV4 packets on a large scale, indexing and storing them, and browsing, searching and outputting all pcap data through a simple web interface.

The top ten open source security tools to count the Internet giants ' dedication [turn]