|
(Page 1 of 122) 1 2 3 4 5 6 7 8 9 10 11 Next > Category: Auditing Yasca Added 2008-09-30 Yasca is a source code analyzer that integrates other open-source tools (PMD, FindBugs, Jlint) to produce a single output file. Yasca is easily extensible and includes a large number of custom rules implemented via a plugin-based architecture. Yasca is designed to find "low hanging fruit" and has plugins supporting a variety of languages, but mostly focused on Java and C/C++. OSSEC HIDS Added 2008-08-29 OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows. Grendel-Scan Added 2008-08-24 Grendel-Scan is an open source web application security tool. It has a number of automated testing modules for finding common vulnerabilities such as SQL injection, cross-site scripting, or session fixation. There are also a number of features to aid in manual application penetration testing, such as a intercepting proxy. EventManager Added 2008-08-20 EventManager is a full-featured security breach and threat detection appliance. It integrates tightly with (and is upgradeable from) Exaprotect’s LogManager solution. EventManager constantly monitors and analyzes a vast array of input sources including security network devices, applications, operating systems, intrusion detection systems, and databases to correlate disparate events such as user authentication, VPN access, and database alterations to provide insight into potential security threats facing your organization’s infrastructure. An elegant user interface and reporting engine conceal the raw power and complexity of the advanced correlation engine that provides unparalleled accuracy in tracking multiple-step security threats and virtually eliminating false alarms. A large set of pre-built settings and a wizard-based AJAX interface for custom data sources make setup and maintenance fast and straightforward. LogManager Added 2008-08-20 LogManager is a self running appliance that collects and stores the massive amounts of log data generated from applications and network devices found in large enterprise-class infrastructures. It provides a quick and cost-effective solution for organizations trying to achieve regulatory compliance today while enabling a simple upgrade to full-featured Event Management functionality tomorrow. Solsoft ChangeManager Added 2008-08-20 Solsoft ChangeManager is the only centralized, Intelligent Multivendor platform that streamlines the end to end Design and Generation of Network Security rules for Firewalls, Router, VPN, IPS’s. ChangeManager acts as a central Network Security Rule repository. It’s visual policy interface designs, generates, implements, tracks and audits your security rules for multi-vendor networks consisting of firewalls, routers, switches, VPNs and IPs. ChangeManager's Topology or Tabular interface streamlines the change management process during firewall migration and other complex security update configuration changes. Users can simply drag-and-drop a new service across their network and ChangeManager will translate this high level, business policy change request into device-level instructions providing a simple, scalable model that can represent the most complex policies. ChangeManager’s “Rules Engine” automatically optimizes, orders, inserts, checks rules for conflicts and applies these generated security configurations on the network devices effected by the rule change. Thus providing true end-to-end security rule design and auditing capability. After the acquisition of Solsoft by Exaprotect, Solsoft Policy Server, Firewall Manager and NetFilterOne were integrated into the Exaprotect security product line as Solsoft ChangeManager. Exaprotect provides centralized Configuration Management, Log Management, and Event Monitoring and Correlation solutions for enterprises and service providers with large-scale, heterogeneous network infrastructures. DAVIX Added 2008-08-17 DAVIX - the Data Analysis & Visualization Linux® - brings the most important tools for data processing and visualization to your desk. This solution allows you to get started with security visualization without cumbersome compiling and installing tools. The DAVIX CD is based on SLAX 6.0 and follows a modularized approach. Thus, the SLAX ISO image can easily be customized for various purposes. It can even be installed on USB sticks and provide you with mobile analysis capabilities. The CD is shipped with a comprehensive manual that gives you a quick start for all tools and provides information on how-to tailor DAVIX to your needs. All tools are accessible through the KDE start menu and are accompanied with links to external manuals and tutorials. Sipflanker Added 2008-08-02 Many (if not most) VoIP devices have available a Web GUI for their configuration, management, and report generation. These Web GUIs are often on default, meaning that the moment you install the IP phone or IP PBX, the Web GUI is immediately available on the network. And unfortunately it is also common for the username and password to have the default values. Sipflanker will help you find these SIP devices with potentially vulnerable Web GUIs in your network. What the application does is search the range of IPs you specify, and checks if port 5060 is available. Whether open or close, port 5060 indicates the presence of a SIP device. Then it checks if port 80 (http) is open. The combination of an open port 80, together with port 5060, either open or closed, signals a SIP device with a Web GUI. Exploit-Me Added 2007-11-27 Exploit-Me is a set of Firefox plugins to test for reflected Cross-Site Scripting and SQL Injection vulnerabilities in web applications. The tools are designed to be lightweight, extensible and easy to use. syslog-ng Premium Edition Added 2007-08-10 The syslog-ng Premium Edition application is a system logging client and server application that offers native TCP and TLS support, disk buffering, and logging directly into SQL databases. It runs on a variety of UNIX-like systems, and can also collect logs from Microsoft Windows platforms. Browse by category |
|
|
Privacy Statement |
