The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Security Tool from the Australian Government?

Posted by Xavier Ashe on November 7, 2005

I came across a security tool that seems to be sponsored or written by
the Australian Department of Defence called PyFLAG, Forensic and Log
Analysis GUI.

FLAG was designed to simplify the process of log file analysis and
forensic investigations. Often, when investigating a large case, a great
deal of data needs to be analysed and correlated. Flag uses a database as
a backend to assist in managing the large volumes of data. This allows
flag to remain responsive and expedite data manipulation operations.

Since FLAG is web based, it is able to be deployed on a central server
and shared with a number of users at the same time. Data is loaded into
cases which keeps information separated. Flag also has a system for
reporting the findings of the analysis by extensively using bookmarks.

Some screenshots can be found here.

This is very curious. I sent them an email questioning the origins and
continued relationship that the Australian government has with this
project. I will throw it in the lab next week and see what this
puppy can do. Here is the government web site and the SourceForge site.
