Blog

Filter: Blog - Clear Filter

New THOR 10.7.8 TechPreview Features

We are thrilled to unveil THOR 10.7.8, the latest version of our advanced persistent threat (APT) scanner, which brings a host of powerful features to enhance threat detection and analysis. In this blog post, we will highlight some of the notable additions that make...

read more
How to scan Docker containers using THOR – Part 2

How to scan Docker containers using THOR – Part 2

The first part of this blog series covers how THOR can be used to scan a Docker image. In the second part of this series, we will talk about how you can use THOR to scan running Docker containers. Now, consider this new use case: You want to check if your running...

read more
How to scan Docker images using THOR – Part 1

How to scan Docker images using THOR – Part 1

In this blog article, we will talk about how you can use THOR to scan Docker images. Consider the following use case:  Before using an upstream Docker image, you want to precheck it for known IOCs and backdoors. THOR can help you with this!Prerequisites Docker image...

read more
Customer Portal Upgrade – Planned Downtime

Customer Portal Upgrade – Planned Downtime

We would like to inform you that our customer portal will be undergoing a scheduled maintenance and will be temporarily unavailable on Wednesday, April 12, 2023, between 10:00am and 11:00am CEST. We apologize for any inconvenience this may cause. During this downtime,...

read more
Demystifying SIGMA Log Sources

Demystifying SIGMA Log Sources

One of the main goals of Sigma as a project and Sigma rules specifically has always been to reduce the gap that existed in the detection rules space. As maintainers of the Sigma rule repository we're always striving for reducing that gap and making robust and...

read more
THOR Log Conversion to CSV

THOR Log Conversion to CSV

We are excited to announce that the upcoming version 1.11 our tool, THOR Util, now has the capability to convert log output files from both the default and JSON format into CSV files. This new feature will make it easier for users to analyze their log data and extract...

read more
How to scan ESXi systems using THOR

How to scan ESXi systems using THOR

More and more often, adversaries target and exploit Internet-facing appliances or devices with exotic or restricted operating systems. Users ask if there is a way to run a compromise assessment scan on these systems with the YARA rules used in THOR. Following up on...

read more