Feedback Needed for My Side Project: "BREACH :: HARBOR" Cybersecurity Platform - eviltoast
This is an automated archive.

The original was posted on /r/cybersecurity by /u/cvicpp on 2023-09-23 16:01:13+00:00.


Hello r/cybersecurity community!

I’ve been investing time into a side project named BREACH :: HARBOR. It’s a self-hosted cybersecurity platform crafted to not just fend off threats but to anticipate them. Here’s a breakdown:

  1. Collector: (Python) It gathers threat data (in simple words, a honeypot).
  2. Core API: (Python/Django and React) Acts as the central hub where data is processed and visualized.
  3. Defender: This is still in the early stages, and I haven’t released the repository yet. Its role is to use insights to enforce security policies, starting from iptables/nftables.

For more details and the current state, check out https://breachharbor.com - it’s a simple landing page leading to the GitHub repositories.

Currently, its primary functionality revolves around collecting attack data and visualizing it. I’m actively working on adding a notification system next to the Core API.

Finally, it should be able to proactively block specific hosts which have a bad score in real time (e.g. a subnet from country X attacking the local network or a remote host in the infrastructure). The Defender should be able to automatically manage blocking rules on the machines it’s installed on. I have already gathered attack data for hundreds of thousands of attacks; the Collector has been on the wild internet for 2 months now.

I genuinely appreciate feedback on the overall concept, workflow, and any essential features you believe should be integrated. I’m also planning to expand its functionalities and, in the future, offer a global threat data service (CloudSync) as a way to monetize, or hunt for funding to let me invest more time in it and push it a little bit to become more popular as a platform.

Your insights and suggestions will be invaluable! Keep in mind this is a solo side project and it’s in early-stage development (it doesn’t have detailed documentation yet), so your patience and constructive criticism are much appreciated.

Thank you in advance!

P.S. Please suggest other subreddits that you believe could help me by crossposting this.
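
The score-then-block step the post describes for the Defender, as an added example that is not part of the original post or the BREACH :: HARBOR code base. The weights, thresholds, allowlist and the nftables table/set name are assumptions, the events are constructed, and only IPv4 is handled.

```python
import ipaddress
from collections import Counter, defaultdict

# Assumed values for illustration; not BREACH :: HARBOR's scoring or config.
WEIGHTS = {"ssh": 3, "telnet": 2, "http": 1}   # score added per honeypot hit
HOST_THRESHOLD = 6     # score at which a single host is blocked
SUBNET_MIN_HOSTS = 3   # bad hosts in one /24 before the whole /24 is blocked
ALLOWLIST = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]

# Constructed collector events: (source address, honeypot service).
SAMPLE = ([("203.0.113.5", "ssh")] * 2 + [("203.0.113.9", "ssh")] * 2
          + [("203.0.113.77", s) for s in ("ssh", "telnet", "http")]
          + [("198.51.100.7", "ssh")] * 3 + [("192.0.2.10", "http")]
          + [("192.168.1.20", "ssh")] * 5)

def score_hosts(events):
    """Sum the service weight of every event per IPv4 source address."""
    scores = Counter()
    for src, service in events:
        scores[ipaddress.IPv4Address(src)] += WEIGHTS.get(service, 1)
    return scores

def blocklist(events):
    """Networks to block: bad hosts, collapsed to a /24 when it holds enough."""
    bad = [ip for ip, score in score_hosts(events).items()
           if score >= HOST_THRESHOLD
           and not any(ip in net for net in ALLOWLIST)]  # never lock out own nets
    by_subnet = defaultdict(list)
    for ip in bad:
        by_subnet[ipaddress.ip_network(f"{ip}/24", strict=False)].append(ip)
    nets = []
    for subnet, hosts in by_subnet.items():
        if len(hosts) >= SUBNET_MIN_HOSTS:
            nets.append(subnet)
        else:
            nets.extend(ipaddress.ip_network(f"{h}/32") for h in hosts)
    return sorted(nets)

def nft_commands(nets, timeout="1h"):
    """Render (not run) nft commands for an assumed set 'inet filter blocklist'
    declared with 'flags interval, timeout' so entries expire on their own."""
    cmds = []
    for net in nets:
        elem = net.network_address if net.prefixlen == 32 else net
        cmds.append(f"nft add element inet filter blocklist {{ {elem} timeout {timeout} }}")
    return cmds

if __name__ == "__main__":
    print("\n".join(nft_commands(blocklist(SAMPLE))))
```

The allowlist check runs before any subnet collapsing, so a noisy internal scanner cannot cause an automated rule that cuts off the local network, and the timeout keeps stale entries from accumulating.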