Package: wnpp
Severity: wishlist
Owner: Joseph Mazzini <jmazzini541@gmail.com>
X-Debbugs-CC: debian-devel@lists.debian.org, bage@debian.org
* Package name    : sys-scan-graph
  Version         : 6.0.0
  Upstream Author : Joseph Mazzini <jmazzini541@gmail.com>
* URL             : https://github.com/J-mazz/sys-scan-graph
* License         : Apache-2.0
  Programming Lang: C++, Python
  Description     : System security scanner and graph generator
sys-scan-graph is a comprehensive system security scanning tool that combines a
high-performance C++20 scanning engine with an AI-powered intelligence layer
to deliver in-depth Linux system security analysis.
The tool performs vulnerability assessments, compliance checks, and provides
detailed security insights for Linux systems. The C++ core scanner performs
fast, deterministic security enumeration across 16 specialized domains,
including process analysis, network socket detection, kernel hardening checks,
and SUID/SGID binary tracking. It emphasizes determinism by producing RFC 8785
canonical JSON output, ensuring reproducible results.
The Python-based intelligence layer transforms the raw scan data into
actionable security intelligence. It utilizes an embedded, fine-tuned
Mistral-7B model for analysis, which allows for offline operation and ensures
data sovereignty. This layer provides features such as MITRE ATT&CK
correlation, baseline anomaly detection, and compliance mapping for standards
like PCI DSS 4.0, HIPAA, and NIST CSF 2.0. The Python component is also
available on PyPI as `sys-scan-agent`.
The project is actively maintained, has comprehensive test coverage with over
900 test cases, and is well-documented. I will be maintaining this package.