Scenario: Org2 is a specialist technology company based in the UK. The Org2 IT security operations team responded to an alert from its corporate anti-virus provider that a copy of password-stealing malware had been found on three of its domain controllers. This was a serious incident, and an investigation [...]
A good compromise assessment methodology requires the use of tools that will make the assessment more efficient.
For this, we present THOR – the most sophisticated and flexible compromise assessment tool on the market.
Incident response engagements often begin with a group of compromised systems and an even bigger group of systems that are possibly affected. The manual analysis of many forensic images can be challenging.
THOR speeds up your forensic analysis with more than 10,000 handcrafted YARA signatures, 400 Sigma rules, numerous anomaly detection rules and thousands of IOCs.
THOR is the perfect tool to highlight suspicious elements, reduce the workload and speed up forensic analysis when getting quick results is crucial.