
System Integrity Management Platform (SIMP) - aethertap
https://github.com/NationalSecurityAgency/SIMP
======
druiid
As per other NSA released projects like selinux, I'm sure people here will
doubt the intentions behind this project. I have only had a bit of time to
look it over so far, but it looks pretty neat. I think we need to remember
before doubting this, that the intentions of the NSA for the most part are to
protect American citizens and businesses. Releasing tools to help them further
this are generally in interest of that.

I'm sure there is some way for them to get through tools like selinux if they
encounter it, but for that particular toolkit I'm sure that any potential
pitfalls in that respect are far outweighed by the standard criminal hackers
or state sponsored attackers, having a harder time breaking your systems.

------
nickpsecurity
There's groups in NSA that periodically release things to benefit government
and industry. This is probably one of them. It looks like the kind of
straight-forward thing a small team in government would put together. However,
we also know the organization poisons solutions. So, I'd either review and
rebuild from 3rd party source anything in this project; or avoid it in favor
of a solution from a provider with a different mission.

Besides, I'm sure the cloud and IT security communities have published better
stuff elsewhere given the difficulties. If anything, NSA's IT seems behind the
times again.

------
sweis
The headline misses the most interesting part: This is released by the NSA.

