Tuesday, June 10, 2014
Identify malicious activity on a system using memory and file analysis
Mandiant Redline is a powerful solution that processes and data can be analyzed to find any traces of malware that is active onto a system.
The program provides data collection and analysis capabilities, enabling you to create and use collectors, analyze data from memory files and Indicators of Compromise (IOC).
The program provides data collection and analysis capabilities, enabling you to create and use collectors, analyze data from memory files and Indicators of Compromise (IOC).
What's New in This Release:
New Features:
· Mandiant for Security Operations customers can also take advantage of Redline's ability to open Triage Collections for performing in-depth host analysis. Including analysis of the Mandiant for Security Operations exclusive Agent Events Audit, which captures historical events as they occur on the host (such as process loads, file writes, network connections, and registry key modifications) and stores those events until the next Triage Collection.
· Redline now automatically associates different audit data types and pulls additional information into your current view to help you go from "Zero-to-Evil" faster. For example, the processes analysis view will search the file audit for the executed process' matching file item and pull its MD5 hash and digital signature information directly into the grid so that you can sort, search, and filter. It will also include the full file details from the associated file as a tab on the "Show Details" pane. In other cases Redline will asso.
New Features:
· Mandiant for Security Operations customers can also take advantage of Redline's ability to open Triage Collections for performing in-depth host analysis. Including analysis of the Mandiant for Security Operations exclusive Agent Events Audit, which captures historical events as they occur on the host (such as process loads, file writes, network connections, and registry key modifications) and stores those events until the next Triage Collection.
· Redline now automatically associates different audit data types and pulls additional information into your current view to help you go from "Zero-to-Evil" faster. For example, the processes analysis view will search the file audit for the executed process' matching file item and pull its MD5 hash and digital signature information directly into the grid so that you can sort, search, and filter. It will also include the full file details from the associated file as a tab on the "Show Details" pane. In other cases Redline will asso.
Program Information
Developer: Mandiant
Price and Added Date
Freeware .10-06-2014
Download Links
.
