Version: 2.8

⚡ Reactions

🤖 Automated Response System

Transform Jibril from a passive monitoring tool into an active security defense system. Enable immediate programmable responses to security detection events with powerful automation capabilities.

🎯 Key Capabilities

🚫 Blocking

Stop malicious traffic in real-time with network policy enforcement.

🔪 Terminating

Kill suspicious processes before they cause harm.

🔍 Collecting

Gather forensic evidence automatically for incident investigation.

🏝️ Isolating

Quarantine compromised systems from the network.

Supported Formats:

JavaScript (V8 Engine) - Fast compilation and execution with rich helper functions
Shell Scripts - Full system access with /bin/sh execution
Isolated Contexts - Each reaction runs in its own secure environment

📚 Documentation

📖

Overview

Introduction to reactions and how they work

📚

JavaScript API

Complete reference for helper functions

⚙️

Configuration

Configure reactions in recipes

💡

Examples

Real-world use cases and patterns

✅

Best Practices

Security and operational guidelines

🔧

Common Errors

Troubleshooting guide

⚡

Performance

Optimization guidelines

🔐

Security

Security implications and patterns

🚀 Quick Start

Getting Started with Reactions:

📖 Read the Overview to understand reactions and how they work
💡 Review Examples to see practical implementations
📚 Use the JavaScript API as a reference while building reactions
✅ Follow Best Practices for secure and efficient implementations

🤖 Automated Response System

🎯 Key Capabilities​

🚫 Blocking​

🔪 Terminating​

🔍 Collecting​

🏝️ Isolating​

📚 Documentation​