RockNSM is an open-source collections platform designed by the members of the Missouri National Guard Cyber Team (MOCYBER). Its primary focus is to provide a robust, scalable, and secure sensor platform for both enduring network security monitoring (NSM) and incident response (IR) missions. Why choose us over the other names in the NSM game? Continue to the OVERVIEW.
We've been working on a lot of changes and ROCK 2.1 is here! You can read the full details in the changelog, but here's a quick overview of some of the latest additions:
- Docket, a REST API and web UI to query multiple stenographer instances
- Added Suricata-Update to manage Suricata signatures
- GPG signing of packages and repo metadata
- Added functional tests using testinfra
- Initial support of Elastic Common Schema
- Includes the full Elastic Stack (with permission), including features formerly known as X-Pack
- Elastic Stack is updated to 6.x
- Elastic dashboards, mappings, and Logstash config moved to module-like construct
- Suricata is updated to 4.x
- Bro is updated to 2.5.4
Deprecated - will be removed in the next release
- Pulled Pork
We've also been hard at work creating video content.
- ROCK Introduction - what ROCK is and how everything works together
- ROCK@home - 3-part series on the lowest barrier to entry: tapping your home network
OVERVIEW - concept / design, components / dataflow
BUILD - installation / configuration / deployment
OPERATE - basic usage / operation
MAINTAIN - administer / tune / troubleshoot
SERVICES - individual service management
DEV - development / testing / customization
This project is made possible by the efforts of an ever-growing list of amazing people. Take a look around our project to see all our contributors.