Here is a link to RITA
Also https://securityonion.net/ is a good tool for analysts when trying to trace out connections that look suspicious.
But both of these are still more reactive/informative and not as preventive.
Here is a link to RITA
Also https://securityonion.net/ is a good tool for analysts when trying to trace out connections that look suspicious.
But both of these are still more reactive/informative and not as preventive.