Threat Intelligence and endpoint security tools are the most widely used tools in the security industry to analyze vulnerabilities in networks and applications.
Here is a complete list of endpoint security tools that covers penetration testing operations in all business environments.
Protection tools for endpoints
Protection against viruses / anti-malware
- Linux Malware Detect is a malware scanner for Linux designed around the threats faced in shared hosting environments.
Content disarm and reconstruction
- DocBleach is open source content disarm and reconstruction software that sanitizes Office, PDF and RTF documents.
Endpoint security tools for configuration management
- Rudder – Rudder is an easy-to-use, web-driven, role-based solution for IT infrastructure automation and compliance. It automates general system management tasks (installation, configuration); enforces configuration over time (configuring once is good; ensuring the configuration stays valid and fixing it automatically is better); keeps an inventory of all managed nodes; provides a web interface for configuring and managing nodes and their configuration; and produces compliance reports, per configuration and/or per node.
Authentication
- Google Authenticator – The Google Authenticator project includes implementations of one-time passcode generators for several mobile platforms, as well as a pluggable authentication module (PAM). One-time passcodes are generated using open standards developed by the Initiative for Open Authentication (OATH), which is unrelated to OAuth. These implementations support the HMAC-Based One-Time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-Time Password (TOTP) algorithm specified in RFC 6238. Tutorials: How to configure two-factor authentication for SSH login on Linux
Mobile / Android / iOS
Forensic Endpoint Security Tools
- grr – GRR Rapid Response is an incident response framework focused on remote live forensics.
- Volatility is a Python-based memory extraction and analysis framework.
- MIG is a platform for performing investigative surgery on remote endpoints. It enables investigators to obtain information from different systems in parallel, speeding up incident investigations and improving the security of daily operations.
- ir-rescue – ir-rescue is a Windows Batch script and a Unix Bash script for comprehensively collecting host forensic data during incident response.
Threat intelligence tools
- ZeuS Tracker / SpyEye Tracker / Palevo Tracker / Feodo Tracker track Command & Control servers (hosts) worldwide and provide you with a blocklist of domains and IPs.
- Emerging Threats – Open Source – Emerging Threats began 10 years ago as an open source community for collecting Suricata and SNORT® rules, firewall rules and other IDS rulesets. The open source community continues to play an active role in securing the Internet, with more than 200,000 active users downloading the ruleset every day. The ETOpen ruleset is open to any user or organization, as long as they follow some basic guidelines. The ETOpen ruleset can be downloaded at any time.
- PhishTank – PhishTank is a collaborative clearing house for data and information about phishing on the Internet. In addition, PhishTank offers an open API for developers and researchers to freely integrate anti-phishing data into their applications.
- SBL / XBL / PBL / DBL / DROP / ROKSO – The Spamhaus Project is an international non-profit organization whose mission is to track the Internet's spam operations and sources, provide dependable real-time anti-spam protection for Internet networks, work with law enforcement agencies to identify and pursue spam and malware gangs worldwide, and lobby governments to introduce effective anti-spam legislation.
- Internet Storm Center – The ISC was founded in 2001 after the successful detection, analysis and widespread warning of the Li0n worm. Today, the ISC provides free analysis and alerts to thousands of Internet users and organizations, and actively works with Internet Service Providers to combat the most malicious attackers.
- AutoShun – AutoShun is a Snort plug-in that allows you to send your Snort IDS logs to a central server that correlates attacks from your sensor logs with other Snort sensors, honeypots and mail filters from all over the world.
- DNS-BH – The DNS-BH project creates and maintains a list of domains known to be used to spread malware and spyware. The project creates the BIND and Windows zone files needed to serve fake localhost replies to any request for these domains, preventing many spyware installations and much spyware reporting.
- AlienVault Open Threat Exchange – AlienVault Open Threat Exchange (OTX) is a threat intelligence tool that helps protect your networks from data loss, service disruption and system compromise due to malicious IP addresses.
- Tor bulk exit list – CollecTor is a data-collecting service in the Tor network. CollecTor fetches data from various nodes and services in the public Tor network and makes it available to the world. If you are researching the Tor network or developing an application that uses Tor network data, this is your starting point. List of TOR nodes / DNS blacklists / List of Tor nodes
- leakedin.com – The main purpose of leakedin.com is to inform visitors about the risks of data loss. This blog is just a compilation of examples of data lost or published on websites such as pastebin.com.
- FireEye OpenIOCs – Indicators of Compromise (IOCs) publicly shared by FireEye.
- OpenVAS NVT Feed – The public feed of Network Vulnerability Tests (NVTs). It contains more than 35,000 NVTs (as of April 2014), and the number grows daily. This feed is configured as the default for OpenVAS.
- Project Honey Pot – Project Honey Pot is the first and only distributed system for identifying spammers and the spambots they use to scrape addresses from your website. The Project Honey Pot system lets you install addresses that are custom-tagged with the time and IP address of a visitor to your website. When one of these addresses begins receiving email, we can determine not only that the messages are spam, but also the exact time the address was harvested and the IP address that gathered it.
- VirusTotal – VirusTotal, a subsidiary of Google, is a free online service that scans files and URLs for viruses, worms, Trojans and other types of malicious content detected by antivirus engines and website scanners. It can also be used to detect false positives, i.e. harmless resources detected as malicious by one or more scanners.
- IntelMQ – IntelMQ is a solution for CERTs for collecting and processing security feeds, pastebins and tweets using a message queue protocol. It is a community-driven initiative called IHAP (Incident Handling Automation Project), conceptually designed by European CERTs during several InfoSec events. The main goal is to give incident response teams an easy way to collect and process threat intelligence, improving the incident handling processes of CERTs. ENISA homepage.
- CIFv2 – CIF is a cyber threat intelligence management system. CIF allows you to combine information about known malicious threats from different sources and use this information for identification (incident response), detection (IDS) and mitigation (null route).
- CriticalStack – Free Aggregated Threat Information for Bro.