Citadel browser agent 作成者: Arno van Wouwe
Citadel is a browser agent that detects malware and shadow IT by analyzing and logging security events in a privacy-respecting way
この拡張機能を使用するには Firefox が必要です
拡張機能メタデータ
スクリーンショット
この拡張機能について
Citadel is a browser agent that detects malware and shadow IT by analyzing and logging security events in a privacy-respecting way
Citadel is a browser agent that detects malware and shadow IT by analyzing and logging browser security events to syslog and Windows Event Log a privacy-respecting way. It is meant to be used by CISO and CIO to secure staff laptops, increase situational awareness, verify application of IT policy and allow Digital Forensics and Incident Response (DFIR).
Citadel can download lists of known bad sites and URLs and block access to them.
The following browser security events are detected and reported:
It detects the following events in the browser:
* IP or URL is blacklisted (configurable blacklist)
* the browser has blocked the navigation to the site
* user is using unencrypted protocols for an application (e.g. FTP or HTTP)
* user is using URL with username or password in the URL
* user has downloaded a file
* user has selected a file (n.b. it is unknown if the file was uploaded)
* user has opened the print dialog for a page (n.b. it is unknown if the dialog was cancelled)
* the user is warned that the downloaded file is dangerous
* user has accepted downloading of dangerous file
* user has used a password that does not conform to the password policy
* security-related network errors (see chrome://network-errors)
It also reports on usage statistics of applications, allowing for detection of shadow IT.
Events and reports are written as syslog entries with a relevant level, and can then be consumed by a SIEM or EDR. Citadel comes pre-integrated with the Wazuh, the open source XDR.
Citadel is a browser agent that detects malware and shadow IT by analyzing and logging browser security events to syslog and Windows Event Log a privacy-respecting way. It is meant to be used by CISO and CIO to secure staff laptops, increase situational awareness, verify application of IT policy and allow Digital Forensics and Incident Response (DFIR).
Citadel can download lists of known bad sites and URLs and block access to them.
The following browser security events are detected and reported:
It detects the following events in the browser:
* IP or URL is blacklisted (configurable blacklist)
* the browser has blocked the navigation to the site
* user is using unencrypted protocols for an application (e.g. FTP or HTTP)
* user is using URL with username or password in the URL
* user has downloaded a file
* user has selected a file (n.b. it is unknown if the file was uploaded)
* user has opened the print dialog for a page (n.b. it is unknown if the dialog was cancelled)
* the user is warned that the downloaded file is dangerous
* user has accepted downloading of dangerous file
* user has used a password that does not conform to the password policy
* security-related network errors (see chrome://network-errors)
It also reports on usage statistics of applications, allowing for detection of shadow IT.
Events and reports are written as syslog entries with a relevant level, and can then be consumed by a SIEM or EDR. Citadel comes pre-integrated with the Wazuh, the open source XDR.
あなたの体験を評価
権限詳細情報
このアドオンの権限:
- Firefox 以外のプログラムとのメッセージ交換
- ファイルのダウンロードおよびブラウザーのダウンロード履歴の読み取りと変更
- ナビゲーション中のブラウザーアクティビティへのアクセス
- すべてのウェブサイトの保存されたデータへのアクセス
このアドオンは次の権限も求めます:
- すべてのウェブサイトの保存されたデータへのアクセス
詳しい情報
- アドオンリンク
- バージョン
- 1.2
- サイズ
- 169.91 KB
- 最終更新日
- 2ヶ月前 (2025年4月19日)
- 関連カテゴリー
- ライセンス
- GNU General Public License v3.0 only
- バージョン履歴
コレクションへ追加
Arno van Wouwe が公開している他の拡張機能
まだ評価されていません- まだ評価されていません
- まだ評価されていません
- まだ評価されていません
- まだ評価されていません
- まだ評価されていません