openargus
commented
9 months ago The primary goal is to define endpoint network awareness as a standard log to support Zero Trust. The #2 goal is to define network audit as a standard log for endpoints. The features that this facility to will deliver is asset network baselines, and detail to identify network anomalies. This should operate autonomously, in that the asset should not be required to be connected to a centralized data collection facility to get value.
Argus Endpoint is a project to develop a formal approach to addressing the limited internal network monitoring issue outlined by the NSA / CISA.