cmdReporter Wiki

Open navigation

Host Intrusion Detection (HID)

What's Monitored in Beta 1

  • File locations where software can establish persistence on the host
  • Sensitive services such as ssh and file sharing configuration files
  • All events are designed to be tightly interlinked and enriched with the primary cmdReporter telemetry data stream

Event Format

  • In Beta 1, the HID logs will retain their FILE_EVENT format.
  • In a later Beta, the format of HID events will change. We will communicate timelines once available.

Planned Features Coming Soon

  • User behavior risk score based on proprietary on-device heuristics
  • Real-time Security Baseline reporting

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.