School of Arts and Sciences University of Pennsylvania

About HECTOR

HECTOR is an open source initiative sponsored by the University of Pennsylvania School of Arts & Sciences (SAS). At SAS we are deeply committed to increasing the security posture of every organization by sharing our security discoveries. We believe that a safer and more secure internet environment begins with informed security decisions and with sharing security knowledge with others. We are deeply grateful for all of the contributors to the software that lies at the heart of the HECTOR platform including other open source projects like NMAP, OSSEC, and more.

How Does it Work?

HECTOR is a powerful, extensible, framework for security intelligence data gathering, analysis and sharing. HECTOR is based on a stable MySQL database back end with a PHP powered web accessible interface. HECTOR gathers security data from a number of sources including:

  • darknet sensors
  • Incident reports from your organization
  • OSSEC intrusion detection logs
  • NMAP port scans
  • Vulnerability detection scans
  • Incident reports
  • RSS feed imports
  • and more...

HECTOR's intuitive web based front-end allows for easy data analysis, scan configuration, and even incident reporting.

Why Not Use NoSQL?

We're often asked why we don't use a NoSQL database like MongoDB for HECTOR. NoSQL is all the rage in "big data" circles and we certaily see the power in unstructured data stores. However, HECTOR developers believe there is power in structure, and that databases are uniquely designed to maximize that power. Unstructured security data isn't really unstructured, it is just stored in an unstructured way, which forces developers to apply structure to the data as it is pulled from the data store. This ignores the enourmous power of a structured database to enhance the ability of developers to query data stores. Sure, structuring data is a hassle, and requires a lot of skill and patience, but we believe the effort is rewarded by creating a data store that is stable, extensible, and allows HECTOR to easily import and export data in standard formats.