Package: wnpp
Severity: wishlist
Owner: Joseph Mazzini [email protected]
X-Debbugs-CC: [email protected], [email protected]

* Package name    : sys-scan-graph
  Version         : 6.0.0
  Upstream Author : Joseph Mazzini [email protected]
* URL             : https://github.com/J-mazz/sys-scan-graph
* License         : Apache-2.0
  Programming Lang: C++, Python
  Description     : System security scanner and graph generator

sys-scan-graph is a comprehensive system security scanning tool that combines a high-performance C++20 scanning engine with an AI-powered intelligence layer to deliver in-depth Linux system security analysis. The tool performs vulnerability assessments, compliance checks, and provides detailed security insights for Linux systems.

The C++ core scanner performs fast, deterministic security enumeration across 16 specialized domains, including process analysis, network socket detection, kernel hardening checks, and SUID/SGID binary tracking. It emphasizes determinism by producing RFC 8785 canonical JSON output, ensuring reproducible results.

The Python-based intelligence layer transforms the raw scan data into actionable security intelligence. It utilizes an embedded, fine-tuned Mistral-7B model for analysis, which allows for offline operation and ensures data sovereignty. This layer provides features such as MITRE ATT&CK correlation, baseline anomaly detection, and compliance mapping for standards like PCI DSS 4.0, HIPAA, and NIST CSF 2.0. The Python component is also available on PyPI as `sys-scan-agent`.

The project is actively maintained, has comprehensive test coverage with over 900 test cases, and is well-documented.

I will be maintaining this package.

