Ansible role to apply a security baseline. Systemd edition.
Updated May 27, 2024 - Jinja
Install and configure auditd on your system.
Simple Alpine image with auditd, intended to be used in combination with docker-desktop Kubernetes to allow building seccomp profiles with the kubernetes-sigs/security-profiles-operator.
go-libaudit is a library for communicating with the Linux Audit Framework.
An Autopsy data source ingest module for detection of IOCs in EVTX for Windows and Auditd for Linux based on SIGMA Rules.
ArchLinux setup which focuses on desktop security
Ansible role to install auditbeat for security monitoring. (Ruleset included)
Nagios plugin for monitoring auditd status and logged events
A Linux Auditd rule set mapped to MITRE's Attack Framework
Notes about linux-audit subsystem (kernel & userspace)
Proof-of-Concept to evade auditd by writing /proc/PID/mem