« Previous 1 2
Checking your endpoints with Stethoscope
Health Screen
While researching online recently, clicking from one security blog to another, I stumbled across a tool developed by Netflix called Stethoscope. Stethoscope is a sophisticated open-source security tool discussed in their blog [1] that is designed to assist with securing user devices.
The premise of Stethoscope is to keep corporate organizations safe by helping to mitigate the risk of security breaches. For businesses, successfully attacking users is the "…primary mechanism leading to security incidents and data breaches." Those devices that speak back to other devices present on an infrastructure are usually called "endpoints." Examples of endpoints include laptops, thin clients, smartphones, tablets, and Internet of Things (IoT) devices, but a server could also qualify as an endpoint. Securing endpoint devices usually requires significant forethought regarding policies and compliance.
Stethoscope is a web-based application. It's raison d'Ítre is to capture lots of interesting information about a device and then report back in a clear and concise manner. The hope is that, by giving users the information they need to make informed decisions about changes to their devices, it will improve the security posture across several infrastructure layers. And, by educating users, the organization will benefit as a whole as the users adopt safer practices and bear increased responsibility. Mitigating the most popular attacks, such as phishing attacks, is the key concern.
In this article, I'll get the Stethoscope application up and running and show you how to ingest data from lots of devices. I will then look at some sample data to see what you could expect when you've connected different types of devices. Stethoscope can pull endpoint data from a number of different device information and management systems, including Jamf [2],
...
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
-
Turning machine state into a database
Learn how the osquery tool exposes system state in searchable form. -
CI/CD deliverables pipeline
Build a continuous integration pipeline by linking Git, Jenkins, Docker, and GitHub into a build chain that can be flexibly extended and modified. -
Incident response with Velociraptor
The software incarnation of the feared predator in the Jurassic Park movies has been on the hunt for clues to cyberattacks and indicators of compromise. We show you how to tame the beast and use it for your own purposes. -
Simple, small-scale Kubernetes distributions for the edge
We look at three scaled-down, compact Kubernetes distributions for operation on edge devices or in small branch office environments. -
News for Admins
In the news: Native edge computing comes to Red Hat Enterprise Linux; IBM/Red Hat deals crushing blow to CentOS; Linux Kernel 5.10 is ready for release 48; and Canonical launches curated container images.
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
