Citadel browser agent 作者: Arno van Wouwe
Citadel is a browser agent that detects malware and shadow IT by analyzing and logging security events in a privacy-respecting way
您需要 Firefox 来使用此扩展
扩展元数据
屏幕截图
关于此扩展
Citadel is a browser agent that detects malware and shadow IT by analyzing and logging security events in a privacy-respecting way
Citadel is a browser agent that detects malware and shadow IT by analyzing and logging browser security events to syslog and Windows Event Log a privacy-respecting way. It is meant to be used by CISO and CIO to secure staff laptops, increase situational awareness, verify application of IT policy and allow Digital Forensics and Incident Response (DFIR).
Citadel can download lists of known bad sites and URLs and block access to them.
The following browser security events are detected and reported:
It detects the following events in the browser:
* IP or URL is blacklisted (configurable blacklist)
* the browser has blocked the navigation to the site
* user is using unencrypted protocols for an application (e.g. FTP or HTTP)
* user is using URL with username or password in the URL
* user has downloaded a file
* user has selected a file (n.b. it is unknown if the file was uploaded)
* user has opened the print dialog for a page (n.b. it is unknown if the dialog was cancelled)
* the user is warned that the downloaded file is dangerous
* user has accepted downloading of dangerous file
* user has used a password that does not conform to the password policy
* security-related network errors (see chrome://network-errors)
It also reports on usage statistics of applications, allowing for detection of shadow IT.
Events and reports are written as syslog entries with a relevant level, and can then be consumed by a SIEM or EDR. Citadel comes pre-integrated with the Wazuh, the open source XDR.
Citadel is a browser agent that detects malware and shadow IT by analyzing and logging browser security events to syslog and Windows Event Log a privacy-respecting way. It is meant to be used by CISO and CIO to secure staff laptops, increase situational awareness, verify application of IT policy and allow Digital Forensics and Incident Response (DFIR).
Citadel can download lists of known bad sites and URLs and block access to them.
The following browser security events are detected and reported:
It detects the following events in the browser:
* IP or URL is blacklisted (configurable blacklist)
* the browser has blocked the navigation to the site
* user is using unencrypted protocols for an application (e.g. FTP or HTTP)
* user is using URL with username or password in the URL
* user has downloaded a file
* user has selected a file (n.b. it is unknown if the file was uploaded)
* user has opened the print dialog for a page (n.b. it is unknown if the dialog was cancelled)
* the user is warned that the downloaded file is dangerous
* user has accepted downloading of dangerous file
* user has used a password that does not conform to the password policy
* security-related network errors (see chrome://network-errors)
It also reports on usage statistics of applications, allowing for detection of shadow IT.
Events and reports are written as syslog entries with a relevant level, and can then be consumed by a SIEM or EDR. Citadel comes pre-integrated with the Wazuh, the open source XDR.
为您的体验打分
权限详细了解
此附加组件需要:
- 与 Firefox 之外的其他程序交换信息
- 下载文件和读取与修改浏览器的下载历史
- 获知浏览器导航时的行为状态
- 访问您在所有网站的数据
此附加组件可能也会要求:
- 访问您在所有网站的数据
更多信息
- 附加组件链接
- 版本
- 1.2
- 大小
- 169.91 KB
- 上次更新
- 2 个月前 (2025年4月19日)
- 相关分类
- 许可证
- 仅 GNU 通用公共许可证 v3.0
- 版本历史
添加到收藏集
Arno van Wouwe 制作的更多扩展
目前尚无评分- 目前尚无评分
- 目前尚无评分
- 目前尚无评分
- 目前尚无评分
- 目前尚无评分