New Snare Agents – Released

We are pleased to announce the release of three new Enterprise Snare Agents, the Snare Agent for MAC OSX, and two browser Agents – Firefox and Chrome.

Snare for OSX allows event logs from the OSX subsystem to be collected from the operating system, and forwarded to a remote audit event collection facility after appropriate filtering. Snare for OSX operates as an ‘audit dispatcher’ application that receives the audit log data, with Snare directing auditd to generate events that will electively filter out event data that you are not interested in, formats the resulting data into something that is more suited to follow-on processing, and delivers it to one or more remote systems over the network. Snare for OSX is known to work on OSX 10.7 (Lion), OSX 10.8 (Snow Lion), OSX 10.9 (Mavericks).

When you access a web site, your Firefox browser connects to the main destination page, downloads the HTML data, and then attempts to access any additional files referenced by the page in question; these may be images, cascading style sheet files, or a range of other alternatives. Snare will log each of these access requests, and report the details of the transaction.

The Snare for Chrome agent provides a valuable audit trail of user activity, and by association, any malicious activity injected by remote sites into the users’ web requests. Data is passed to a Snare Server, or compatible application, for analysis, and includes information on the URL accessed (ie: the web page, or image, or cascading style sheet), the date/time, the length of the request, the response, and the page from which the resource was requested.

The two browser agents are provided at no cost to those that have already purchased the Snare Product Suite.