With this blog post we would like to inform you that our End-of-Life (EOL) products THOR 8 and SPARK will reach their End-if-Service-Life (EoSL) on 31th of October 2020. From this day onwards, product and signature updates will not be available anymore. Please...
Remarks on Products and Services
We constantly improve the quality of our products and services, add features and create new bundles. Follow ups with our customers showed that not all of these changes reach their attention. They are often surprised and excited to hear about these features, free tools...
STIXv2 Support in SPARK
SPARK Version 1.17.0 adds extensive STIXv2 support.This allows you to easily extend SPARK's signature bases with IOCs from any sandbox, analysis or threat intel platforms that support STIXv2 export by placing the exported [cci]*.json[/cci] files in the...
New Feature: THOR-util and SPARK-Core-util Signature Encryption
The new THOR-util version 1.2.4 supports the encryption of your custom signatures so that you can deploy your own IOC files and YARA rules in an encrypted form. We use a public key in the utilities to encrypt the files for our scanners so that admins, Antivirus...
SPARK uses Sigma Rules in Eventlog Scan
Sigma is a rule format for threat detection in log files. It is for log data what "Snort rules" are for network traffic or "YARA signatures" are for file data. It is easy to write and read. Writing a Sigma rule is a matter of minutes. On the right you can see a simple...
THOR-Util with HTML Report Generation
The new version of "thor-util" (used with THOR/SPARK) / "spark-core-util" (used with SPARK Core) support a feature that allows a user to convert any scanner log file into a convenient report. Convert THOR / SPARK / SPARK Core scan logs into HTML reports Convert a...
New THOR / SPARK License Packs
We have just recently released new, flexible and practice-oriented license packs for our scanners THOR and SPARK. These license packs will help you to get started as quickly as possible in case of an incident response, digital forensics engagement or compromise...