RITA v3.0.5 released: Real Intelligence Threat Analytics

From prodefence.org

Real Intelligence Threat Analytics (RITA) is an open-source framework for network traffic analysis.

The framework ingests Bro logs and currently supports the following analysis features:

  • Beaconing Detection: Search for signs of beaconing behaviour in and out of your network
  • DNS Tunneling Detection: Search for signs of DNS-based covert channels
  • Blacklist Checking: Query blacklists to search for suspicious domains and hosts
  • URL Length Analysis: Search for lengthy URLs indicative of malware
  • Scanning Detection: Search for signs of port scans in your network
