Resolution1 Security releases new ThreatScanner™ malware detection tool
Resolution1 Security, of Menlo Park, CA, announced on December 18 the availability of ThreatScanner™, a new freeware tool that searches for malware artifacts on a suspect endpoint. Using ThreatScanner, security personnel will be able to quickly and proactively hunt for threats to minimize the impact of an attack by instantly identifying compromised systems. Once installed, they can immediately scan for malware, including those attributed to the recent Regin and Sony Pictures hacks.
ThreatScanner is a powerful detection tool that’s easy to use and flexible to create customized scans using current threat formats. Once downloaded, the command-line tool runs a simple script to hunt for IOCs or YARA rules on a Microsoft Windows endpoint (computer, laptop). An automatically generated report (HTML and XML) provides details of suspicious artifacts so that analysts can take immediate action.
With this initial release, the integration of IOC and YARA rules is a technology first to use both formats simultaneously for greater search flexibility. Current tools are limiting in that they scan one or the other but not both. ThreatScanner comes preconfigured with a Regin IOC and Regin YARA rule, as well as a Sony IOC.
“We’ve developed ThreatScanner to help not only our customers, but also the security community at large, by making this freeware tool widely available,” said Brian Karney, CEO of Resolution1 Security. “In today’s advanced threat landscape, enterprises need to be proactive and hunt for threats rather than passively rely on the thousands of daily SIEM alerts. We built ThreatScanner to give security teams additional tools to strengthen their incident response.”
SOURCE Resolution1 Security