Operator Manual

DENSHI PRO Security Operations Center Manual

Updated guide for version 1.1.0: audit workflow, network control, process trust, incident containment, evidence review, vulnerability hardening, and rollback-aware recovery.

What changed

  • Updated DENSHI PRO branding and Security Operations Center positioning.
  • Faster tab behavior with cleaner network-control and process-review screens.
  • Explicit Incident Control verbs so BLOCK, TERMINATE, LOG OFF, and CHANGE actions are easier to understand.
  • Manual, full reference, and downloadable ZIP are included with the hosted package.

Quick start

  1. Run DENSHI PRO as administrator on the Windows host.
  2. Set the audit lookback hours and choose an event preset.
  3. Run Audit, then start with Dashboard and Action Center.
  4. Use Network Control and Process Trust to review live exposure.
  5. Use Incident Control for the smallest exact containment action.
  6. Run Audit again and export a report or snapshot.

Core workflows

Use the smallest clear action, then verify.

Incident Control

Incident Control is the precise containment surface. Select one row, read the verb and target, then confirm only that action. Blocking a port is different from terminating a process, and the UI should make that clear before Enter or Apply changes the machine.

Network Control

Network Control pivots from sockets and remote connections back to process owners. Use it to review PIDs, signer status, paths, active connections, listeners, and safer block options before killing a task.

Evidence Timeline

The timeline merges logons, account changes, sessions, exposed services, startup clues, file-access indicators, and DENSHI actions into one story. It is designed for review and reporting, not guesswork.

Vulnerability Hardening

Vulnerability findings are separated into durable fixes, temporary containment, and patch/update recommendations. Use containment to reduce exposure, then apply durable hardening and software updates.

System Hardening

Hardening controls are rollback-aware. Preview changes first, apply a baseline only when ready, save snapshots, and run Audit again to prove the machine changed.

Safe Workflow

Preserve evidence before destructive actions. Prefer firewall containment when you need to keep a process available for investigation, and reserve termination for confirmed unwanted activity.