Cerberus is the first-ever automated malware triage platform designed to integrate with Forensic Toolkit® (FTK®) to empower enterprises to proactively identify and remediate compromised systems.
The rise in malicious software is an increasing concern to organizations. When companies are hit by malware and viruses, they risk downtime, reputation damage and loss of money trying to recover. As part of an incident response plan, it is imperative for enterprises to have the tools necessary to identify and remediate compromised systems. Cerberus is available as an add-on to FTK to enable organizations to quickly scan binary files from a suspected compromised system. Cerberus and FTK work together to identify any possible malware and, if necessary, forward those binaries to an expert for further analysis.
Obtain Actionable Intelligence without the use of a Sandbox or Signature-Based Solutions
Typically, actionable intelligence about an incident is obtained only after time-consuming analysis is conducted by a specialized malware team. Cerberus’ disassembly and emulation process allows first and second responders to proactively identify and scan suspicious binaries so they can determine the behavior and intent of potential malware without reliance on a sandbox or signature-based solutions. This means less damage is done by malware and there is a decreased dependence on the malware team.
Cerberus’ two-stage protocol first quickly tallies a “threat score”, approximating how dangerous a binary might be, and then performs a much more complex disassembly analysis that gives incident responders actionable intelligence in minutes without actually running the code. This first-pass analysis is of great value in that it not only enables incident responders to take decisive action more quickly, but also reveals behavior and intent without running the risk of triggering defense mechanisms commonly found in malware.