|
|
Responder Pro
Responder™ ProfessionalThe ultimate in Windows™ physical memory and automated malware analysis all integrated into one application for ease of use, streamlined workflow, and rapid results. The Professional platform is designed for Incident Responders, Malware Analysts, and Computer Forensic Investigators who require rapid results. Responder Professional provides powerful memory forensics and malware identification with Digital DNA™. Malware analysis includes automated code disassembly, behavioral profiling reporting, pattern searching, code labeling, and control flow graphing. This is a huge step forward for the information security and computer forensic communities. Finally, these long-awaited capabilities are available to complement enterprise security best practices in the areas of host intrusion detection, computer forensics and security assessments, Read the Responder Professional Datasheet Memory PreservationFDPro is included with Responder™ Professional and is the industry’s most complete memory acquisition software utility designed to preserve Windows™ physical memory for information security and computer forensic purposes. FDPro™ supports all versions of Windows™ operating systems and service packs, 32 and 64 bit, including systems with more than 4 gigs of RAM. FDPro also supports acquisition of the Windows™ Pagefile following the acquisition of RAM and other useful tricks for a more thorough memory investigation. Memory AnalysisLots of information can be found in memory, malware, chat sessions, registry keys, encryption keys, socket information and more. Responder™ Professional provides an easy to use GUI that allows you rapid recovery of this type of information. The GUI is designed to support investigation workflow NO DIFFICULT COMMAND LINE interface. Responder allows every investigator to be successful with minimal effort. Types of information found in memory:
Malware Detection with Digital DNA™Digital DNA is a revolutionary technology to detect advanced computer security threats within physical memory without relying on the Windows operating system which cannot be trusted. All executable code residing in memory are scanned and ranked by level of severity based upon programmed behaviors. The Digital DNA Sequence appears as a series of Trait codes when concatenated together describe the behaviors of each software module. Observed behavioral Traits are matched against HBGary’s “Malware Genome” database to classify digital objects as good, bad or neutral. Rules and weighting are applied to compute the overall Severity score. Users can see the underlying Trait descriptions to gain fast insight into software behaviors. Read the Digital DNA Datasheet Automated Malware AnalysisMore computer crimes are involving malware as a method of gaining access to confidential information. The new face of malware is designed to never touch the disk and reside only in memory. Important delivery information, rootkit behavior and malware not detected by AV can be easily found using Professional. The Malware analysis module automatically generates a malware analysis report that provides a high level overview of each binary’s possible capabilities broken out into 6 different factors.
Malware Reverse EngineeringDesigned to augment automated malware analysis. Sometimes the automated malware analysis will not provide the granular insight required for sophisticated understanding of code. HBGary includes these easy to use features as a means of getting more information visually. Control Flow Graphing provides rapid understanding of complex code executions path, code loops and calls. Pro includes many of the features found in IDA and Ollydbg such as labeling and code view. ReportingA flexible reporting module is built in for ease of use so you can quickly deliver the information in a succinct manner to attorneys, management or clients. Can export out to CVS, PDF, RTF and other industry standards.
Responder Pro screenshot |
ECAT
