<If you had HTML email turned on you'd see a pretty picture here>

If someone came to you and said "Build me a product that can find evil maid attacks, BadUSB, people leaking sensitive data between machines of different classification levels, Stuxnet coming back and forth on USB keys, or people plugging in USB wireless cards to machines that should not have USB wireless cards anywhere near them!", you would have built El Jefe 2.2, a completely Free Enterprise Situational Awareness product.

You can do realtime monitoring of USB events via a few of the more expensive SIEM products (Tenable has a blogpost on it, for example) but El Jefe pulls back some rather different data, stores it differently, and that enables it to have a visualization interface and workflow that focuses on the known and unknown threats posed by USB in a quite different manner, and of course, prepares it for the upcoming anomaly detection release.

You can build upon El Jefe - write export or analysis scripts, for example, as the entire product is GPLv3.

We'd love to hear from you, and you can read more about this release here:
http://immunityproducts.blogspot.com/2014/11/el-jefe-13-curious-case-of-3g-modem.html

Thanks,
Dave Aitel
Immunity, Inc.
_______________________________________________
Dailydave mailing list
[email protected]
https://lists.immunityinc.com/mailman/listinfo/dailydave
