Nextron Systems Products
THOR Scanner is our Incident Response Scanner and Live Forensics Tool for Windows.
THOR utilizes multiple examination methods to detect traces of hacker activity. For example, THOR uses more than 6.500 signatures as well as more than 25 methods.
Nextron updates the main signature database regularly.
With the ASGARD Management Center, these signatures are automatically downloaded and updated. In addition, we also include indicators from public sources, as well as private feeds. E.g. MISP, OTX
SPARK is the little brother of THOR. You can run it on Windows, Mac and Linux. It is the fast, leightweight and flexible scanner with only 6 main modules main modules:
File Scan, Process Memory Scan and Log File Scan. The SHIM Cache Scan, Registry and At Job analysis is only available on Windows.
It is approximately 30% of the size of THOR and supports multiple platforms like Windows, Linux and macOS. (AIX and other UNIX derivatives on request)
The ASGARD Management Center is a hardened appliance that connects automatically to Nextron to receive signature updates (Yara rules, Soft IoCs, etc.) and the latest versions of THOR and SPARK.
It acts as the licensing server to issue individual THOR and SPARK client licenses.
The ASGARD Management Center can act as a Log Server itself or can forward the logs to the ANALYSIS COCKPIT or any other SIEM system.
Here is where you define your network-wide scans for THOR and SPARK.
The ANALYSIS COCKPIT gives you the power to analyze logs from thousands of systems.
In heterogeneous IT environments, you could be required to create highly specific filters for 20.000 entries by hand. You don’t want to do this manually.
We let you export anomalies from Kibana that you don’t want to see in the future to the filter generator.
The ANALYSIS COCKPIT ships with approximately 78 pre-defined automatic filters. (We have done the majority of the work for you.)