Warning

This app is archived.

Forcepoint Threat Protection for Linux (Second Look) - App for Splunk

Forcepoint Threat Protection for Linux (Second Look) performs enterprise-scale Linux memory forensics. It checks the integrity of the running kernel, processes, and executable code cached in memory on Linux systems. It alerts security professionals to rootkits, malware, and other unknown or unauthorized software in memory. Due to its integrity-based approach, it is not reliant on signatures or prior knowledge of specific threats.

Latest Version 1.4.2
May 8, 2017
Compatibility
Not Available
Rating

0

(0)

Support
Not Supported
The Forcepoint Threat Protection for Linux - App for Splunk is a set of custom dashboards that enable users to monitor the state of their deployment, including scan and alert activity, based on messages emitted from scanning servers and ingested into Splunk Enterprise. From the App one can drill down with a single click to full forensic context in the Threat Protection for Linux web interface. Product page: https://www.forcepoint.com/product/security-cloud/threat-protection-linux

Created By

Andrew Tappert

Type

app

Downloads

586
