Nextron announces the end-of-sale and end-of-life dates for the ASGARD Analysis Cockpit version 2. Customers with active service contracts will continue to receive support until June 30, 2022, as shown in the table below. End of Life Announcement Date The date the...
THOR Process Memory Matches with Surrounding Strings
Following THOR's approach of showing suspicious elements, it is not feasible to completely avoid false positives. Therefore we always try to provide as much information as possible for an analyst to assess such a suspicious element as quickly as possible. Users liked...
VALHALLA API 1.1 Changes
We've made some changes to VALHALLA and released version 1.1 and valhallAPI version 0.5 to reflect these changes.The new modified date shows when this rule has last been modified. See this example.The modified date will also appear in the JSON feed and metadata of...
Sigma Scanning with THOR
Our compromise assessment scanner THOR is able to apply Sigma rules during the local Eventlog analysis. This can help any customer that has no central SIEM system or performs a live forensic analysis on a system group that does not report to central monitoring. By...
Webinar: Mitigating Persistent Threats using Microsoft Defender ATP and THOR
In our recent webinar with Joe Stocker from Patriot Consulting and Matt Soseman from Microsoft, we had the chance to showcase the integration of THOR into Microsoft Defender ATP. You can register and watch the webinar here.
Upcoming Master ASGARD v2
In the first week of June, we plan to release Master ASGARD v2. Master ASGARD is an ASGARD version that is able to connect to and control an unlimited number of ASGARD servers. While each ASGARD supports 25,000 connected endpoints, a Master ASGARD server can control...
THOR Lite – Free YARA and IOC Scanner
We are proud to announce the release of THOR Lite. It is a trimmed-down version of THOR v10 with a reduced feature set and the open source signature base used in LOKI and the now obsolete scanner SPARK Core. It uses the completely rewritten code base of THOR v10...
THOR 10 for AIX
We are working on a THOR scanner version that brings our well-known compromise assessments and thousands of YARA rules to IBM's AIX®. Subscribe here to get noticed once beta testing and a stable version is available. * no advertisements - just two emails, one for the...
Antivirus Event Analysis Cheat Sheet v1.7.2
We've just released an updated version of our Antivirus Event Analysis cheat sheet. You can download version 1.7.2 here. The major changes are: Updated AV signature lists Extended file extension list
THOR 10 Fusion – Major Changes
In anticipation of our new scanner THOR 10 Fusion, we would like to show you some of the exciting new features and upcoming changes. Modes and Feature Cleanup We've reviewed and reworked all scan modes in order to clarify the overview of active modules and features...
Upcoming : THOR 10 “Fusion”
We are proud to announce the upcoming release of THOR 10 code named "Fusion". It will replace our scanners THOR 8 and SPARK before the end of this year. Both of the current scanners will still receive updates until the end of this year. THOR 10 "Fusion" combines the...
MASTER ASGARD – One ASGARD to Rule Them All
We are glad to announce our new product MASTER ASGARD, a central control for a set of ASGARD systems. MASTER ASGARD is designed to control multiple instances of ASGARD, which itself supports up to 10,000 endpoint agents. Using MASTER ASGARD you are able to control...