Phronesis Cyberange APT Scanner (CAS) is a portable threat hunting tool that enables you to rapidly detect hacker activity, hack tools, backdoors, threats, and potential or in-progress attacks on Windows, Linux and Mac endpoint systems and servers. A traditional anti-virus solution typically scans for malware; the APT scanner instead focuses on detecting attacker activity by performing a deep system analysis using more than 60 modules to reveal hidden attacker activity in log files, typical attacker tools, anomalies within user accounts, sessions, error reports, dump files, network connections and many other check items.
Designed for Security Operations Center (SOC) teams responsible for fast incident response, the APT scanner from Cyberange needs no installation, integrates easily with SIEM, uses only a fraction of system resources and is fully compliant with German Data Privacy Regulations (GDPR).
WHAT IS CYBERANGE APT SCANNER (CAS)?
- CAS is a portable scanner for Windows, Linux and macOS systems
- Detects attacker toolsets and malicious activities
- Used for triage, incident response and live forensics
- Flexible due to open standards such as YARA and STIX
XM THREAT HUNTING APPLIANCE
The Phronesis Cyberange XM Threat Hunting Appliance is for large enterprises who operate on stringent SLAs and need rapid threat detection and threat hunting across thousands of systems. Cyberange XM Threat Hunting Appliance offers you a centralized dashboard to manage all your scans and get pre-emptive analysis of threats using advanced anomaly detection with machine learning.
The XM Console provides a scalable response platform to rapidly deploy sensors and agents for Windows, Linux and macOS. The templates allow for planning scan sweeps backed by a powerful threat intelligence feed from Cyberange, with the lowest impact on system resources.
XM THREAT HUNTING APPLIANCE: HOW IT WORKS
The Cyberange products include these three core components available as hardware or virtual appliances:
1. Cyberange Threat Hunting Scanner: Deployed throughout your network across all endpoints to provide complete visibility. Has a built-in scanner for threat hunting, managed by the XM appliance.
2. Cyberange XM Appliance for Threat Hunting: Aggregates and correlates information gathered by the sensors / scanners and provides a responsive dashboard for reporting and administration.
3. SIEM Integration Plugin: Provides direct integration with most popular SIEM technologies to receive notifications and alerts.
THREAT HUNTING TOOLS
Phronesis Threat Hunting allows you to rapidly uncover cyber-attacks and attack campaigns, or find hidden malware deep within your systems that may have evaded your existing security defenses. The threat hunting process is carried out with the Cyberange Advanced Forensic Threat Hunting Toolkit, which detects zero-days and unknown threats within systems. Backed by the Cyberange Threat Intelligence API, which is updated with global information on the latest threats, the threat hunting toolkit has a database of over 40 million pieces of malware, one of the highest in the world, and is updated on a daily basis. The memory forensics and triage tool allows rapid identification and hunting of threats on all platforms, including Windows, Linux and macOS.
Anti-phishing services from Phronesis Cyberange enable an organization to monitor specific URLs matching its domain names for potential misuse, including job scams and phishing scams. The anti-phishing services from Cyberange are managed through a central web portal where you simply add your domain names / brand URLs and keywords, against which the whole internet is constantly scanned for matching new domain registrations. In the event that a domain name registration matches the keywords or domain names specified, you are automatically notified for confirmation. On confirmation, all your endpoints are automatically updated within 4 hours to block the domains, and hosting companies are sent DMCA legal notices for takedown services.