Developer: Net Squared Inc.
Current Version: 1.1
Last Updated: 4 years ago
Download Size: 8.7 MB
Audit Explorer analyzes the Macintosh BSM audit trails, highlights notable events, lets you drill down to the actions of individual processes, and lets you explore the relationships between processes.
Apple’s BSM auditing system is one of the best in the world, and when configured correctly, it can be one of the most powerful security features at your disposal. BSM can provide far more useful information than firewalls, network monitors, antivirus software, and disk forensics tools. Audit Explorer lets you explore this data, helping you find out what happened on your system, assisting you in determining if your system was penetrated, and if so, how. If a user or malware tries to exfiltrate data from your computer, Audit Explorer can help you identify what documents were taken and how they were taken from your system.
Visit our site for video tours of Audit Explorer and to help you determine if this is the right tool for your security needs.
Version 1.1 supports several new features including: (1) custom filters to alert on events of interest to you, (2) ability to launch from a command line so audit analysis can be automated, (3) save analysis results, (4) upload analysis results to a web/audit server, (5) review all commands and arguments entered from a Terminal window or remote login, (6) look for all operations on a filename, (7) look for all connections to/from specific addresses and/or ports, and (8) a new dashboard front-end.
Most Helpful Reviews
A must-have tool for security-conscious sysadmins and developers - Apple's BSM is an extremely powerful resource, but making sense of the data it collects is like trying to drink water from a fire hose. Audit Explorer digests this data and presents it in a very comprehensible, interactive way.
Problems: When you first open the app, you'll probably wonder, "Okay, what now?" You'll want to check out the help docs in Menu: Help > Audit Explorer Help for instructions on initial setup and log retrieval (both of which have to be done via command-line).
Verdict: It's still a little raw, but Audit Explorer shows great potential and stands alone in its ambition to bring this level of situational awareness to mere mortals. I couldn't find another app that even attempts to harness BSM.
Recommended for:
- Power Users
- Sysadmins
- Developers
More Reviews for Current Version
Little support - No audit configurations for Mavericks.