The new application gives organisations the ability to identify and address all types of threats, including zero-day events, hacking, data spillage and advanced persistent threats
E-discovery, computer forensics and cyber security software firm AccessData has released its Cyber Intelligence & Response Technology Version 2 (CIRT 2), which integrates network and computer forensics, malware analysis and data auditing, enabling users to detect and remediate unknown threats.
The new application gives organisations the ability to identify and address different types of threats including hacking, data spillage and advanced persistent threats by allowing users to correlate computer, network and malware data, as well as audit multiple machines.
CIRT2 comprises four of AccessData’s technologies: the AD Enterprise network-enabled computer forensics application, the SilentRunner network forensics product, the data auditing capabilities of AD eDiscovery and AccessData’s new Cerberus malware analysis technology.
AccessData Network Forensics director Jason Mical said using CIRT, organisations can continuously monitor network traffic, computers and removable media to detect threats and acquire actionable intelligence in the event of a cyber incident.
"In addition, with CIRT’s 'check in' feature, CIRT users can monitor the laptops of traveling employees, even when they are not logged on to the organization’s network," Mical said.
The new Cyber Intelligence & Response Technology can correlate network and host analysis to determine root cause and chase down data spillage.
It can also identify and triage suspected malware using both static analysis and advanced disassembly analysis to determine behavior and intent without a sandbox or without relying on signature-based tools.
CIRT2 can play back security incidents in real time to understand an exploit or data spill, build threat profiles and monitor to prevent incident recurrence, perform batch remediation, and monitor the network and information assets, including removable devices, on or off the organisation’s network.