Tool and Usage
- Apache License 2.0
- Programming language
- Joseph Zadeh
- Latest release
- No release found
- Latest release date
Why this tool?
CHIRON is a tool to provide network analytics based on the ELK stack. It is combined with Machine Learning threat detection using the Aktaion framework. Typical usage of the tool is home use and get the visibility of home internet devices. By leveraging the Aktaion framework, it helps with detection threats like ransomware, phishing, or other malicious traffic.
How it works
CHIRON parses data from external tools like P0f, Nmap, and BRO IDS.
Usage and audience
CHIRON ELK is commonly used for network analysis, network security monitoring, network traffic analysis, or threat discovery. Target users for this tool are network administrators, security professionals, and system administrators.
- Customization and additions are possible
- Web interface
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
- - No releases on GitHub available
History and highlights
- Demo at Black Hat USA 2018 Arsenal
- Demo at DEF CON 26 Demo Labs
Supported operating systems
CHIRON ELK is known to work on Linux.
CHIRON ELK alternatives
Similar tools to CHIRON ELK:
Network threat detection engine that acts as intrusion detection (IDS), inline intrusion prevention (IPS), and network security monitoring (NSM)
SCUTUM is a security tool for Linux systems to filter network traffic. With this firewall functionality, it can allow only whitelisted network gateways.
DejaVu is an open source deception framework which can be used to deploy and administer decoys across a network infrastructure. Read how it works in this review.
This tool page was updated at . Found an improvement? Help the community by submitting an update.
Related tool information
- ELK is short for three open source projects, which are Elasticsearch, Logstash, and Kibana. Each of the tools has their own role. Elasticsearch is the search and analytics engine. Logstash is the data collector and can transform it for further processing. Kibana is the data visualization tool for Elasticsearch.
This tool is categorized as a network defense tool, network security monitoring tool, and network threat detection tool.