# Categories | Category | Description | Examples | | -------------------------------------------------------------------- | ---------------------------------- | ----------------------------------------------------------- | | [ads](https://docs.blusapphire.io/taxonomy/active-defence-deception) | Active Defence System (Deception) | Any deception tool | | ams | Asset Management System | Tanium, BMS | | [auth](https://docs.blusapphire.io/taxonomy/auth-idam) | Authorization/ 2FA, MFA | Cisco DUO, RSA | | casb | Cloud Access Security Broker | TBD | | [cloud-aws](https://docs.blusapphire.io/taxonomy/cloud-aws-1) | Amazon Web Services | cloudtrail, cloudwatch | | [cloud-azure](https://docs.blusapphire.io/taxonomy/cloud-aws) | Microsoft Azure | MCAS, O365 | | cloud-gcp | Google Cloud Platform | gmail, gcs | | container | Containers | Docker, Kubernates | | db | Database | Oracle, SQL, MySQL, Postgres | | dhcp | DHCP Servers | All DHCP Servers | | dlp | Data Leakage Prevention | ForceScout, Symantec | | dns | DNS Servers | All DNS Servers | | ds | Directory Services | AD, LDAP, OpenLDAP | | edr | Endpoint Detection | Carbon Black | | epp | Endpoint Protection | Cisco AMP, Symantec, Crowdstrike, BluArmour, Sophos | | erp | ERP | SAP | | flow | Flow | Netflow, Sflow, IPFIX | | fw | Firewall | Egle | | ics | Industrial Control Systems | Scada | | idam | Identity and Access Management | IBM Idam, Microsoft Idam, Oracle Im(oim) | | iot | Internet of Things | | | ips | IDS/IPS | Snort, Firepower, Suricata | | kerberos | Kerberos | Any Kerberos logs | | lb | Load Balancer | F5, Nginx, Netscaler, Voltera, HA Proxy | | linux-audit | Audit Logs | Auditd | | linux-ssh | SSH Logs | SSH | | linux-syslog | Linux Syslog | Any other syslog from Linux. | | nac | Network Access Control | ISE, OpenNAC, ForceScout | | nbad | Network Behavior Anomaly Detection | DarkTrace, Zeek, Damballa | | network | Router, Switches | Any Routers any Switches | | ngfw | Next-Gen Firewalls / UTMs | Sophos, Fortinet, ASA, Paloalto, Fireeye, Checkpoint | | proxy-dns | DNS Proxy | Cisco Umbrella | | proxy-mail | Mail Proxy | Cisco Ironport, Mimecast, Proofpoint | | proxy-web | Web Proxy | Cisco Ironport, Zscaler and other proxy logs | | ra | Remote Access | vpn, Netscaler, Microsoft VPN, Cisco VPN | | rms | Risk Management System | Rapid7, ClearWater, Reciprocity | | sftp | SFTP | Any FTP / SFTP Servers | | th | Threat Hunt | Squirrel, BluGenie | | ti | Threat Intel | TBD | | virtual | Virtualization Hosts | Esx, Hypervisor, Nutanix | | vms | Vulnerability Management System | Nessus, Nexpose, Qualys, OpenVAS | | webserver | Application/Webserver | Tomcat, Apache, Weblogic, Websphere | | windows | Microsoft Windows Logs | Application, Security, Powershell, System, WMI, Sysmon, ETW | | wireless | Wireless Controllers | Wireless Controllers | --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.blusapphire.io/taxonomy/categories.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.