Feature Compatibility for Linux
Following is the compatibility mapping of all the features supported in Linux operating systems:
| Events | Summary |
|
Process Events |
Running, Terminated |
|
File Events |
Create, Write, Rename, Delete, Change |
|
Network Event |
Listening, Established, Closed |
|
Remediation |
File Quarantine, File Delete, Process Kill, Process Kill and Quarantine File, Process Kill and Delete File, Network - Kill Process, Known and Unknown Event Remediation, Bulk Remediation, Unquarantined File |
|
Admin Clean Up |
Deactivated, TS Clean Up, Upgrade Clean Up, State Data Clean up, Reboot Clean Up |
|
Incident |
Process Tree, Details, Timeline, Risk and Exploit |
|
Scoring |
Siddhi |
|
MITRE |
Siddhi (File, Process, Network) |
|
Custom Manifest, Alerting, Benign Hash, Historic View, and Dashboard (User-defined) |
NA
|