|
|
| Line 410: |
Line 410: |
| ! Comments | | ! Comments |
| |- | | |- |
| | Mozilla Investigator: Auditd integration
| |
| | Implement support for syscall monitoring on Linux system via the Audit daemon. This should include integration with the [https://github.com/mozilla/audit-go audit-go] library, as well as reporting and escalation. A key component of the project is to correlate anomalies across nodes, to identify unusual systems registered by isolated systems but not by the rest of the infrastructure.
| |
| | Strong Go and C programming skills. Good knowledge of Operating Systems architecture and the Linux kernel.
| |
| | Julien Vehent
| |
| | [https://mozillians.org/en-US/u/jvehent/ Julien Vehent :ulfr] & [https://mozillians.org/en-US/u/kang/ Guillaume Destuynder :kang]
| |
| | MIG (github.com/mozilla/mig) is a distributed digital forensics framework deployed across thousands of systems at Mozilla. It is used by various groups to maintain good security levels across the environments, and investigate incidents and vulnerabilities.
| |
| |} | | |} |
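Review bot: in the description cell of the added row, "identify unusual systems registered by isolated systems" is hard to parse, because it does not say what is being registered or what it is compared against. Reword it to state what counts as an anomaly and how the rest of the infrastructure serves as the baseline. In the same cell, "on Linux system" should read "on Linux systems". In the last cell the MIG repository is given as bare text (github.com/mozilla/mig) while the audit-go link uses bracketed link syntax; use the same link form for both.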
|
| |
|