This is a non-IMPACT record, meaning that access to the data is not controlled by IMPACT. For access, see the directions below.

Disclaimer:
This Resource is offered and provided outside of the IMPACT mediation framework. IMPACT and the IMPACT Coordination Council/Blackfire Technology, Inc. expressly disclaim all conditions, representations and warranties including but not limited to Resource availability, quality, accuracy, non-infringement, and non-interference. All Resource information and access is controlled by entities and under terms that are external to the IMPACT legal framework.

Summary

DS-1335
expose
External Tool
External Data Source
GitHub
Unknown
Unknown
56 (lowest rank is 56)

Category & Restrictions

Other
intrusion detection, cyber defense
Unrestricted
true

Description


Expose is an Intrusion Detection System for PHP loosely based on the PHPIDS project (and using its ruleset for detecting potential threats).

Expose allows for two kinds of processing: real-time, as the request comes in, and delayed (queued). This is controlled by setting the queueRequests parameter on the run method in the Manager. If it is set to true, Expose will take the request data and insert it into the data store. By default, queuing is disabled.

Real-time reporting will process the impact scores of the matching rules and report back the results. These results can be fetched with the getReports method. You're then free to do with the results as you wish.

Queued processing can be handled by something like a cron job using the command-line tool. When enabled, the request data is pushed into the data store with a processed value of false. The CLI then grabs the latest entries from this queue and processes them against the rules. The results are either output directly in JSON format or written to an external file.

Additional Details

282.2KB
false
Unknown