Thanks to visit codestin.com
Credit goes to github.com

Skip to content

MichaelRoberts98/RedWatch

Repository files navigation

REDWATCH

Project Description

Redwatch is an open source tool being developed by a team of developers with a focus on modular security that can realistically be incorporated across Linux Servers and Linux Endpoints in an enterprise setting. The development team includes enterprise systems administrators, incident responders, helpdesk staff, and devolopers. This tool seeks to increase the Authentication, Authorization and Accounting by providing an automated baseline and ongoing security audit, looking for key indicators of compromise and raising alerts.

Our End Goal

Redwatch will always, by the adaptive nature of cybersecurity, be a work in progress. However, our end goal is to have a tool that can provide intelligent feedback to Blue Teamers and Systems Administrators in near real-time while helping prevent compromise.

Development Team and Contributions

Our development team currently consists of 6 regular contributors, with many other sources and developers contributing patches, suggestions, and features. Feel free to submit pull requests to get your features implemented in the same build. Contact us by opening an issue if you'd like to become a regular contributor.

Objectives

Mitigation: Mitigate specific configuration errors/known exploits by applying additional countermeasures.

Prevention: Prevent common attacks by hardening configurations at the operating system or application level.

Detection: Detect types of attacks by looking for persistence/indicators of compromise.

Compliance:

REDWATCH is not sponsored by/endorsed by United States Air Force/Department of Defense. However, we attempt to implement solutions compliant with United States Air Force Manual 17-1301, which in turns implements Air Force Policy Directive 17-1, and Department of Defense Instruction 8551.01.

DoD/NSA Documents Referenced list:

https://media.defense.gov/2019/Sep/09/2002180360/-1/-1/0/CONTINUOUSLY%20HUNT%20FOR%20NETWORK%20INTRUSIONS.PDF

https://media.defense.gov/2019/Sep/09/2002180346/-1/-1/0/TRANSITION%20TO%20MULTI-FACTOR%20AUTHENTICATION.PDF

https://media.defense.gov/2019/Jul/16/2002158046/-1/-1/0/NSA

https://media.defense.gov/2019/Sep/09/2002180330/-1/-1/0/DEFEND%20PRIVILEGES%20AND%20ACCOUNTS.PDF

https://media.defense.gov/2019/Jul/16/2002158054/-1/-1/0/DEFENDING%20YOUR%20DNS%20INFRASTRUCTURE_BANNERLESS%20.PDF

https://media.defense.gov/2019/Sep/09/2002180325/-1/-1/0/SEGMENT%20NETWORKS%20AND%20DEPLOY%20APPLICATION%20AWARE%20DEFENSES_20190905.PDF

https://media.defense.gov/2020/Apr/22/2002285959/-1/-1/0/DETECT%20AND%20PREVENT%20WEB%20SHELL%20MALWARE.PDF

About

Repository for creating an Enterprise Linux hardening tool.

Resources

License

Stars

4 stars

Watchers

5 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages