CHIRON ELK

LSE toolsLSE toolsCHIRON ELK (298)CHIRON ELK (298)

Tool and Usage

Project details

License
Apache License 2.0
Programming language
Python
Author
Joseph Zadeh
Latest release
No release found
Latest release date
Unknown

Project health

64
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

CHIRON is a tool to provide network analytics based on the ELK stack. It is combined with Machine Learning threat detection using the Aktaion framework. Typical usage of the tool is home use and get the visibility of home internet devices. By leveraging the Aktaion framework, it helps with detection threats like ransomware, phishing, or other malicious traffic.

How it works

CHIRON parses data from external tools like P0f, Nmap, and BRO IDS.

Usage and audience

CHIRON ELK is commonly used for network analysis, network security monitoring, network traffic analysis, or threat discovery. Target users for this tool are network administrators, security professionals, and system administrators.

Features

  • Customization and additions are possible
  • Web interface

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + The source code of this software is available

Weaknesses

  • - No releases on GitHub available

History and highlights

  • Demo at Black Hat USA 2018 Arsenal
  • Demo at DEF CON 26 Demo Labs

Author and Maintainers

CHIRON ELK is under development by Joseph Zadeh.

Installation

Supported operating systems

CHIRON ELK is known to work on Linux.

CHIRON ELK alternatives

Similar tools to CHIRON ELK:

100

Suricata

Network threat detection engine that acts as intrusion detection (IDS), inline intrusion prevention (IPS), and network security monitoring (NSM)

60

SCUTUM

SCUTUM is a security tool for Linux systems to filter network traffic. With this firewall functionality, it can allow only whitelisted network gateways.

85

DejaVu

DejaVu is an open source deception framework which can be used to deploy and administer decoys across a network infrastructure. Read how it works in this review.

All CHIRON ELK alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Definitions

ELK
ELK is short for three open source projects, which are Elasticsearch, Logstash, and Kibana. Each of the tools has their own role. Elasticsearch is the search and analytics engine. Logstash is the data collector and can transform it for further processing. Kibana is the data visualization tool for Elasticsearch.