Amina Zilic: Sep 10, 2021 8:35:28 AM
The outstanding coverage of the Binalyze enterprise forensics platform for Windows clients is now also available for Linux.
This was a popular request from a large number of our users and customers, so we incorporated the feature into our roadmap right away. This Friday we will officially launch it.
Here is how you can install the Linux packages. After you install the Binalyze AIR console onto your server, go to: http(s)://[your AIR IP address]/#/deploy.
On the deploy page you will now have the option to install Debian and RPM Linux packages in addition to the familiar Windows option. Once you install the Linux package, AIR will recognize all machines and list them as endpoints on your AIR dashboard.
As Halkyn Consulting highlighted, Linux incident response is often overlooked due to the belief that the operating system is more “secure” than other platforms, but as they state, this is only partly true, since attackers compromise Linux machines on a regular basis.
We are always looking for feedback, so we are inviting all DFIR specialists to test the new version and share their feedback with us.
As part of this release, we also published an article on our SFTP feature that you can check out: Binalyze AIR supports SFTP.
For the Preview Release, the following distributions are supported, and support will be extended to more distributions in upcoming releases.
Supported Architectures
For the first preview release, AIR provides only amd64 architecture builds; this will be extended to provide i386 and arm64 architectures.
For Debian-based distributions, the AIR Console provides deb packages that you can download and install manually using the “dpkg” or “apt-get” commands.
For Red Hat, CentOS and Fedora, the AIR Console provides rpm packages that you can download and install manually using the “rpm” or “yum” commands.
Upgrade and uninstall are both supported through the AIR Console and through the platform’s package manager.
The next release will include a generic deploy script to install packages for all supported platforms.
The AIR Agent takes advantage of systemd services and SysV Init scripts to register agents as a service, which enables the use of the “service” or “systemctl” commands.
The first preview release for Linux supports the following features and will be gradually improved to offer more features, like our Windows support.
We will have a pre-release live event on Thursday (1st April) where our CEO will showcase the new features and their functionality.
You can register on Teams.
We will also have a live Q&A discussion during the event, so make sure to join our Discord channel.