The purpose of this tool is to determine the compliance status of an enterprise with the security policies designed for them. It takes as input- Information security policies written in english like high level language and the log files generated by the windows and linux platforms of the assets of the enterprise. It generates a compliance report for the policies. The tool is also able to provide a compliance report from the input registry files of a windows operating system platform. Elasticsearch is also integrated with this tool where log records can be provided as input to obtain indexed storage for further analysis by elasticsearch. However, The use of registry files and elasticsearch analysis sections is an optional feature of this tool.

The purpose of this tool is to search for insider threat and attack incidents in windows platform from the log records. The tool takes as input the log traces and classifies them into -’Benign, Suspicious, Threat, Attack’-categories based on the sequence of event IDs found in the log trace. The tool had configurations according to which a benign log could be upgraded to- ’Suspicious, Threat, Attack’- categories. A report was generated after analyzing the log traces as per the rules fed into the tool during its configuration phase.

Developed web application with SpringMVC, Java, JavaScript, XML for a multi-threaded job generation and processiong.