Amina Zilic: Sep 10, 2021 8:32:06 AM
A couple of months ago we released our new DRONE solution, which is set to transform remote digital forensics investigation by giving you the capability to quickly understand your network by acquiring and analyzing data across all endpoints in minutes.
With each release, we add improvements and enhancements based on our product roadmap as well as your feedback.
Today we are releasing v1.6.0 and here are the release highlights:
YARA Scanner
Ransomware Identifier
Sigma public repository synchronization
Pull YARA repositories specified in the config file
Let’s dive into the new feature set.
Starting from this version, DRONE supports a generic YARA scanner.
You can provide your own list of YARA rules and DRONE will automatically execute them.
As a linked feature to the YARA scanner, we have also added a new configuration section called YARA repositories, where you can provide links to publicly available repositories (GitHub and GitLab) and sync them to DRONE. This automatically adds the YARA rules from those repositories, so you always have up-to-date YARA rules throughout your investigation tasks.
The Ransomware Identifier scans your machines for ransomware and detects any traces of it. We use ReversingLabs' ransomware rules to scan your machine's process paths, prefetch paths, and the user root folder and its subdirectories, speeding up detection and increasing efficiency by scanning the locations where ransomware resides.
Running Sigma rules on a live machine is a key benefit of DRONE. With Sigma public repository synchronization, you can now stay up to date with the latest public Sigma repositories. When new rules become available, instead of adding them manually, just use the sync feature and DRONE will automatically support them.
DRONE is among the first solutions in the digital forensics software market built on a foundation that gives users much faster speed and a simplified user experience, moving away from heavy and time-consuming traditional digital forensics solutions.
You can use DRONE for:
Fully remote endpoint assessment
Ultra-fast Early Case Assessments
Automated Compromise Assessments
Rapid keyword searching of forensic evidence
Anomaly Detection on endpoint forensic data
Support for Sigma rules
Decreasing preliminary analysis time to minutes
Supporting analysts with less experience to make informed decisions
For a deeper understanding of DRONE, watch the live product launch where our CEO, Emre Tınaztepe, showcased all product features and functionalities.
If you would like to try DRONE, please visit www.binalyze.com/drone.