Audit Explorer

Developer: Net Squared Inc.

Current Version: 1.1

Last Updated: 3 years ago

Download Size: 8.7 MB - Download

Description:

Audit Explorer analyzes the Macintosh BSM audit trails, highlights notable events, lets you drill down to the actions of individual processes, and lets you explore the relationships between processes.

Apple’s BSM auditing system is one of the best in the world, and when configured correctly, it can be one of the most powerful security features at your disposal. BSM can provide far more useful information than firewalls, network monitors, antivirus software, and disk forensics tools. Audit Explorer lets you explore this data, helping you find out what happened on your system, assisting you in determining if your system was penetrated, and if so, how. If a user or malware tries to exfiltrate data from your computer, Audit Explorer can help you identify what documents were taken and how they were taken from your system.

Visit our site for video tours of Audit Explorer and to help you determine if this is the right tool for your security needs.

SHOW MORE ...

Release Notes:

Version 1.1 supports several new features including: (1) custom filters to alert on events of interest to you, (2) ability to launch from a command line so audit analysis can be automated, (3) save analysis results, (4) upload analysis results to a web/audit server, (5) review all commands and arguments entered from a Terminal window or remote login, (6) look for all operations on a filename, (7) look for all connections to/from specific addresses and/or ports, and (8) a new dashboard front-end.

SHOW LESS ...

Most Helpful Reviews

5/5
Version 1.1
Review by jbbuckley

A must-have tool for security conscious sysadmins and developers - Apple's BSM is an extremely powerful resource, but making sense of the data it collects is like trying to drink water from a fire hose. Audit Explorer digests this data and presents it in a very comprehensible, interactive way. Problems: When you first open the app, you'll probably wonder, "Okay, what now?" You'll want to checkout the help docs in Menu: Help > Audit Explorer Help for instructions on initial setup and log retrieval (both of which have to be done via command-line). Verdict: It's still a little raw, but Audit Explorer shows great potential and stands alone in its ambition to bring this level of situational awareness to mere mortals. I couldn't find another app that even attempts to harness BSM. Recommended for: - Power Users - Sysadmins - Developers

Found helpful by 4 out of 4 people

More Reviews for Current Version

1/5
Version 1.1
Review by A-hole?

Little support - No audit configurations for Mavericks.

Found helpful by 0 out of 0 people
SHOW MORE ...