
DRONE Release: YARA Scanner & Ransomware Identifier


A couple of months ago we released our new DRONE solution, which is set to transform remote digital forensics investigation by giving you the capability to quickly understand your network by acquiring and analyzing data across all endpoints in minutes. 

With each release, we add improvements and enhancements based on our product roadmap as well as your high-quality feedback.

Today we are releasing v1.6.0 and here are the release highlights:

  • YARA Scanner

  • Ransomware Identifier

  • Sigma public repository synchronization

  • Pull YARA repositories listed in the config file

Let’s dive into the new feature set.

YARA Scanner & YARA repositories 

Starting from this version, DRONE supports a generic YARA scanner.


You can provide your own list of YARA rules as shown below and DRONE will automatically execute them.

yara scanner in DRONE

As a feature linked to the YARA scanner, we have also added a new configuration section called YARA repositories. It lets you provide links to publicly available repositories (GitHub and GitLab) and sync them to DRONE. DRONE then automatically adds the YARA rules from those repositories, so you always have up-to-date YARA rules throughout your investigation tasks.

Ransomware Identifier

This new feature scans your machines for ransomware and detects any traces of it. We use ReversingLabs' ransomware rules to scan your machine's process paths, prefetch paths, and the user root folder and its subdirectories. Scanning the locations where ransomware resides speeds up the detection process and increases efficiency.

Sigma public repository synchronization

Running Sigma rules on a live machine is a key benefit of DRONE. This feature now lets you always stay up to date with the latest public Sigma repositories. When new rules become available, instead of adding them manually, just use the sync feature and DRONE will automatically support them.

About DRONE

DRONE is among the first solutions in the digital forensics software market built on a foundation that gives users much faster speed and a simplified user experience, clearing the way from heavy and time-consuming traditional digital forensics solutions.

You can use DRONE for: 

  • Fully remote endpoint assessment

  • Ultra-fast Early Case Assessments

  • Automated Compromise Assessments

  • Rapid keyword searching of forensic evidence

  • Anomaly Detection on endpoint forensic data

  • Support for Sigma rules

  • Decreasing preliminary analysis time to minutes

  • Supporting analysts with less experience to make informed decisions

For a deeper understanding of DRONE, watch the live product launch where our CEO, Emre Tınaztepe, showcased all product features and functionalities.

 
