hubble 3.0.7 releases: a modular, open-source security compliance framework

From prodefence.org

HubbleStack (Hubble for short) is a modular, open-source, security & compliance auditing framework which is built in python, using SaltStack as a library. It provides on-demand profile-based auditing, real-time security event notifications, alerting and reporting. It also reports security information to Splunk, Logstash, or other endpoints. HubbleStack is a free and open-source project made possible by Adobe.

Hubble supports success/fail auditing via a number of included modules. The codename for the audit piece of Hubble is “Nova.” Hubble can gather incredible amounts of raw data from your hosts for later analysis. The codename for the insights piece of Hubble is Nebula. It primarily uses osquery which allows you to query your system as if it were a database. Pulsar is designed to monitor for file system events, acting as a real-time File Integrity Monitoring (FIM) agent. Pulsar uses python-inotify to watch for these events and report them to your destination of choice.

Read more…