ThreatTrack Security enables EnCase users to analyze sophisticated malware
ThreatTrack Security, a provider of cyber threat prevention solutions, announced on Sept. 24 the availability of the ThreatAnalyzer Automation Toolkit on Guidance Software, Inc.’s EnCase App Central.
The application provides seamless integration between EnCase and ThreatTrack Security’s ThreatAnalyzer dynamic malware analysis solution. Now, EnCase users — with one click — can submit malicious code discovered during cybercrime and digital forensics investigations to ThreatAnalyzer for in-depth malware analysis.
“Malware is the preferred weapon of cybercriminals, and it is the cause of many of today’s high-profile data breaches,” said Julian Waits, Sr., president and CEO of ThreatTrack Security. “Investigators seeking to understand cybercrime — and effectively prosecute those responsible — need to accurately reconstruct the crime by understanding exactly how it happened. The combination of ThreatAnalyzer and EnCase creates an industry-leading digital forensics investigation toolkit that enables users to build the most detailed and in-depth assessment of how malware was used in any cybercrime.”
By pairing ThreatAnalyzer with the EnCase platform, digital forensics analysts can accurately recreate cybercrime scenes, customizing analysis environments to mirror real-world systems configurations used by victimized organizations.
ThreatAnalyzer’s fully-customizable environments enable investigators to generate in-depth, detailed reports on how malware behaved when it was first executed, including system changes, network traffic generated, detection evasion techniques utilized, applications that were targeted and more.
“For 15 years, EnCase has been enabling forensic investigators to conduct thorough and rapid digital investigations by offering an open but powerful platform that can be customized to automate specific, repeatable tasks,” said Alex Andrianopoulos, vice president of marketing for Guidance Software. “ThreatAnalyzer Automation Toolkit is a testament to how the EnCase open architecture and EnCase App Central make very powerful and innovative solutions from partner developers both possible and readily available to EnCase end customers.”
Guidance Software’s EnCase products are used extensively by government, corporate and law enforcement authorities worldwide for security, forensic and e-discovery investigations. Guidance Software’s EnCase App Central is an online community and marketplace for digital investigators that provides access to apps, best practices and community support. EnCase App Central includes both free and paid apps built using the EnScript programming language. Each app is vetted and tested by a technical team at Guidance Software before it is made available at EnCase App Central.