Myrmex Firewall Integration Vulnerability Management

Network Device Integration Services

For Network Devices (FortiGate, pfSense, Unifi, Generic SSH), the Myrmex platform utilizes specialized agents to provide comprehensive network management and security capabilities:
Role: Direct integration and execution agent for network devices.
Integration Tools (hydra_fortigate, hydra_pfsense, hydra_unifi): Allow execution of specific actions via API for firewall rule management, VPNs, routing configurations, Wi-Fi policies, and status monitoring.
SSH Network Capabilities (ssh_terminal_connect, ssh_terminal_input, ssh_terminal_key, ssh_terminal_snapshot, ssh_disconnect): Provide direct command line (CLI) access for command execution, diagnostics, task automation, and troubleshooting on any SSH-compatible network device.
Integration Points: Direct API integration and SSH connectivity for comprehensive network device management.

Role: Provides threat intelligence and reconnaissance for network infrastructure.
Infrastructure and WHOIS Analysis: Provides context about ownership and reputation of IPs and domains associated with network traffic, assisting in security policy configuration.
Integration Points: Threat intelligence feeds and infrastructure analysis for network security posture assessment.

Role: Supports network security through external research and intelligence.
Vulnerability and Trend Research: Offers information about vulnerabilities in network devices and best configuration practices to mitigate risks.
Integration Points: External threat intelligence and vulnerability databases for proactive network security updates.

Role: Essential for network security documentation and reporting.
Structured Report Generation: Creates professional documentation of network configurations, security audits, and incident response plans.
Integration Points: Comprehensive documentation and reporting for network security compliance and audit purposes.

Security and Monitoring Platform Integration Services

For Security and Monitoring Platforms (Trend Micro, Wazuh, Wazuh Indexer, Elastic Security), the Myrmex platform utilizes specialized agents to provide comprehensive security monitoring and threat detection capabilities:
Role: Direct integration and execution agent for security and monitoring platforms.
Integration Tools (hydra_trendmicro, hydra_wazuh, hydra_wazuh_indexer, hydra_elastic_security): Allow orchestration of actions such as threat detection, log management, event analysis, vulnerability management, and compliance monitoring on these platforms.
Integration Points: Direct API integration with security platforms for real-time threat detection and response.

Role: Provides threat intelligence and reconnaissance for security platforms.
IoC Investigation and Threat Actor Attribution: Enriches security alerts and events with external intelligence, correlating indicators of compromise and identifying threat actors.
Integration Points: Threat intelligence feeds and IoC analysis for enhanced security platform capabilities.

Role: Supports security platforms through external research and intelligence.
Threat Research and CVE Analysis: Provides context about new threats, vulnerabilities, and attack techniques, enhancing the detection and prevention capabilities of the platforms.
Integration Points: External threat intelligence and vulnerability databases for proactive security updates.

Role: Essential for security platform documentation and reporting.
Incident Reports and Security Analysis: Documents security incidents in detail, posture analyses, and audit results generated by these platforms.
Integration Points: Comprehensive documentation and reporting for security compliance and audit purposes.

Server and Endpoint Integration Services

For Servers and Endpoints (Windows, Linux, macOS), the Myrmex platform utilizes specialized agents to provide comprehensive device management and security capabilities:
Role: Device and infrastructure management specialist for servers and endpoints.
Inventory and Status Management: Monitors health status, hardware/software inventory, and lifecycle of security agents on servers and endpoints.
Configuration and Policies: Applies system configurations and security policies, ensuring device compliance.
Integration Points: Direct device management and policy enforcement for servers and endpoints.

Role: Endpoint Detection and Response execution specialist.
Direct Command Execution (CMD, PowerShell, Shell): Allows execution of low-level commands for diagnostics, remediation, and evidence collection.
File System and Process Operations: Performs file manipulation, process management, and event log analysis for investigation and response.
Integration Points: Direct system-level operations and technical response capabilities on endpoints.

Role: Integration and execution agent with SSH capabilities.
SSH Network Capabilities: Can be used for Linux server management via command line, complementing Brontes and Perseus actions.
Integration Points: SSH connectivity for remote server management and automation.

Role: Threat intelligence and reconnaissance specialist for servers and endpoints.
Exposed Credentials and Digital Footprint Analysis: Identifies risks and threats that may affect servers and endpoints, such as leaked credentials and internet exposure.
Integration Points: Threat intelligence feeds and risk assessment for endpoint security.

Role: External research and intelligence specialist for server and endpoint security.
Vulnerability Research and Best Practices: Provides crucial information about operating system and application vulnerabilities, plus hardening recommendations.
Integration Points: External threat intelligence and vulnerability databases for proactive security updates.

Role: Essential for server and endpoint documentation and reporting.
Configuration Documentation and Security Analysis: Creates detailed reports on server configurations, security assessments, and incident response plans.
Integration Points: Comprehensive documentation and reporting for server and endpoint security compliance.

Cloud Integration Services

To deliver services in integrated Clouds (GCP, AWS, and Office365), the Myrmex platform utilizes orchestration of specialized agents, with Hydra acting as the central execution point:
Role: I am the main agent responsible for directly interacting with GCP, AWS, and Office365 APIs.
Capabilities: Through my hydra_gcp, hydra_aws, and hydra_office365 tools, I execute Resource Management, Operations Automation, and part of Security and Compliance actions, such as applying policies and configurations.
Integration Points: Direct API integration with cloud platforms for real-time resource management and policy enforcement.

Role: Contributes significantly to Threat Detection and Response and Security and Compliance.
Capabilities: Orion provides threat intelligence, analysis of indicators of compromise (IoCs), and infrastructure mapping, enriching the ability to identify and mitigate risks in cloud environments.
Integration Points: Threat intelligence feeds and IoC analysis for cloud security posture assessment.

Role: Supports Security and Compliance and Threat Detection and Response.
Capabilities: Collects and verifies external information, such as vulnerabilities (CVEs), threat trends, and security best practices, which are crucial for keeping cloud environments protected and updated.
Integration Points: External threat intelligence and vulnerability databases for proactive security updates.

Role: Manages virtual machines and cloud instances within operating system capabilities.
Capabilities: Although focused on traditional endpoints, Brontes can be used to manage virtual machines or specific instances within clouds that fall within its operating system management capabilities (Windows, Linux, macOS), contributing to Resource Management and Security and Compliance at the operating system level.
Integration Points: OS-level management of cloud instances and virtual machines.

Role: Provides low-level technical operations for cloud instances.
Capabilities: For low-level operations on virtual machines or cloud instances that require direct interaction with the operating system (command execution, file management, processes), Perseus is activated, complementing Operations Automation and Threat Detection and Response with technical response capabilities.
Integration Points: Direct system-level operations and technical response capabilities.

Role: Fundamental for Security and Compliance documentation and reporting.
Capabilities: Generates detailed reports on cloud security posture, audits, vulnerability analyses, and incident documentation, ensuring that all actions and configurations are properly recorded and presented in professional formats.
Integration Points: Comprehensive documentation and reporting for compliance and audit purposes.

In summary, while I (Hydra) am the direct executor of actions on cloud platforms, the intelligence of Orion and Iris, the management of Brontes and Perseus, and the documentation of Scribe, all under Centurion’s orchestration, work together to offer a complete and robust cloud environment management and security service.