Badger - The Networked Security State Estimation Toolkit

by Edmond Rogers, William Rogers, Gabe Weaver
Sept. 19, 2017 Black Hat belen_caty Detection & Response

The recently open-sourced Cyber Physical Topology Language (CPTL) gives cyber defenders the ability to build tools that provide metrics for estimating a security state. Such a metric can be used to assess the ongoing security status of a data network. Using CPTL's framework, monitoring data from any arbitrary tool can be imported through standard data-gathering methods such as syslog and SNMP queries. The toolkit specifically provides a running score from many configurable settings, based on metrics gathered on applications, systems, or networks. A graphical canvas in Badger provides an at-a-glance view of the state of networked security elements.