We Detect Hackers
Flexible and Continuous Compromise Assessments
Have I been compromised?
With security breaches arising on multiple fronts, companies, healthcare systems, governmental and educational entities alike are starting to realize how real the threat of cyber security attacks are. In today’s world, firewalls, antivirus and network based intrusion prevention are not enough.
Compromise assessments are the most effective defense in depth measure an organization can use to ensure no threats have made it past their defenses.
Nextron System provides the best compromise assessment scanner and management platforms to facilitate a continuous assessment.
We don’t believe in using cloud services. All our solutions are on your premises. Your data will never leave your network.
We Detect Hacker Activity
Our signature database with more than 9000 hand crafted and high quality rules is focused on APTs (advanced persistent threats), their tool sets, scripts and malware.
We curate rules for hack tools, their output, config backdoors, RATs, web shells, suspicious system file replacements and traces of other malicious activity.
THOR is the perfect complement to your Antivirus solution.
Our Product Line
Scanners, Management and AnalysisScanners
THOR
THOR is our full-featured, portable and flexible compromise assessment scanner for Windows systems
THOR Lite (upcoming)
THOR Lite is a feature-reduced version of THOR, which is bundled with the open source signature set of LOKI
LOKI
LOKI is a Python based open source IOC and YARA scanner bundled with our free and limited signature set
Management and Analysis
ASGARD Management Center
Configure, schedule and control scans on up to 10,000 end points per instance; collect files and memory from end systems
ASGARD Analysis Cockpit
Analyze scan logs, manage incidents in role based cases management, create filters and forward messages to your SIEM
Feeds
VALHALLA
Supercharge your detection with more than 9000 hand crafted, curated high quality YARA rules
Why Do Customers Choose Nextron?
Impressive Detection Rate
THOR’s impressive detection rate is well-known in the industry and fits the needs of threat hunters around the globe.
Thousands of generic signatures detect anomalies, obfuscation techniques and suspicious properties to rapidly accelerate compromise assessments.
Unmatched Flexibility
Use our scanners fully managed with the ASGARD platform or stand-alone as portable scanners for live forensics, image scans or to monitor a certain folder.
You can easily add your own indicators and signatures from threat feeds that you’ve subscribed to.
Trans-Regional Trust
We are a German-based company and all of our solutions are on-premise. Our scanners work completely offline.
We enjoy great confidence from our customers in the form of government agencies, NGOs and private corporations.
What our customers say
In our environment, we use ASGARD for a multitude of use-cases. In addition to other security components, we use ASGARD to regularly scan selected systems for sign of compromise. Furthermore, we use ASGARD during incident response for both initial triage and comprehensive scanning of a system.
I have been given the opportunity to evaluate Nextron’s VALHALLA feed. The handcrafted high quality detections with literally zero false-positive rate are an unmatched capability that does not only enable your detection technologies to stay ahead of the latest advanced threats but also is an extension of your own security team. Given the high quality and value the feed provides I can highly recommend VALHALLA.
News
Blog Posts and TweetsRecent Blog Posts
Not All IOC Scanning Is The Same
People often tell us that EDR product X already does IOC scanning and that they don’t have to check for these indicators a second time using our scanners. Especially when it...
ASGARD Analysis Cockpit v2.8 with Sandbox Integration
ASGARD Analysis Cockpit’s new version 2.8.2 features an open API to interface with all major sandbox vendors. It ships with presets for Cuckoo Sandbox and even allows to connect...
Changes in Upcoming THOR Version 10.3
Refactored Handle Detection We have completely refactored THOR's malicious Handle detection. We now allow the use of regular expressions and combined all types in a single...
THOR Remote Demo: Agentless Remote Compromise Assessment
We've made a short video demo to showcase the new THOR 10 feature called "THOR Remote", which allows you to perform compromise assessment scans on multiple remote systems - no...