Cyber Security

Rustinel: Open-source endpoint detection for Windows and Linux

Rustinel: Open-source endpoint detection for Windows and Linux

Open-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders running mixed environments have had to stitch together separate pipelines, separate rule sets, and separate maintenance burdens. Rustinel, a Rust-based endpoint agent, is an attempt to collapse that work into a single codebase. A single agent across two operating systems Rustinel collects telemetry through ETW on Windows and eBPF on Linux, normalizes the … More

The post Rustinel: Open-source endpoint detection for Windows and Linux appeared first on Help Net Security.

Read More

Related Posts

Helping North Korean IT remote workers is becoming a fast track to prison

Helping North Korean IT remote workers is becoming a fa...

One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk

One Missed Threat Per Week: What 25M Alerts Reveal Abou...

Product showcase: NetGuard open-source firewall for Android

Product showcase: NetGuard open-source firewall for And...

Security teams are turning to AI to survive alert overload

Security teams are turning to AI to survive alert overload

Roblox chat moderation gets bypassed by leet speak and code words

Roblox chat moderation gets bypassed by leet speak and ...

Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scams

Week in review: cPanel vulnerability actively exploited...