THOR Description

THOR stands out as the most advanced and adaptable tool available for compromise assessments. When responding to incidents, teams frequently encounter a collection of compromised devices along with a larger array of potentially affected systems, making the manual examination of numerous forensic images a daunting task. With THOR, the process of forensic analysis is accelerated thanks to its impressive arsenal of over 12,000 meticulously crafted YARA signatures, 400 Sigma rules, a variety of anomaly detection protocols, and countless indicators of compromise (IOCs). This tool is designed to emphasize suspicious activities, alleviate the burden on analysts, and expedite the forensic examination process during critical moments when timely results are vital. By concentrating on areas often overlooked by traditional antivirus solutions, THOR employs an extensive signature library that encompasses a multitude of YARA and Sigma rules, IOCs, and checks for rootkits and anomalies, effectively addressing a wide range of threats. Furthermore, THOR not only identifies backdoors and tools leveraged by attackers but also captures outputs, temporary files, modifications to system configurations, and other remnants of nefarious actions, ensuring a thorough understanding of the incident landscape. The comprehensive nature of THOR makes it an invaluable asset in the realm of cybersecurity.

THOR Alternatives
ManageEngine Log360 Reviews
ManageEngine Log360
(96 Ratings)
Log360 is a SIEM or security analytics solution that helps you combat threats on premises, in the cloud, or in a hybrid environment. It also helps organizations adhere to compliance mandates such as PCI DSS, HIPAA, GDPR and more. You can customize the solution to cater to your unique use cases and protect your sensitive data. With Log360, you can monitor and audit activities that occur in your Active Directory, network devices, employee workstations, file servers, databases, Microsoft 365 environment, cloud services and more. Log360 correlates log data from different devices to detect complex attack patterns and advanced persistent threats. The solution also comes with a machine learning based behavioral analytics that detects user and entity behavior anomalies, and couples them with a risk score. The security analytics are presented in the form of more than 1000 pre-defined, actionable reports. Log forensics can be performed to get to the root cause of a security challenge. The built-in incident management system allows you to automate the remediation response with intelligent workflows and integrations with popular ticketing tools.
Learn more
Blumira Reviews
Blumira
(131 Ratings)
Empower Your Existing Team to Attain Enterprise-Level Security Introducing a comprehensive solution that combines SIEM, endpoint visibility, continuous monitoring, and automated responses to simplify processes, enhance visibility, and accelerate response times. We manage the burdens of security, allowing you to reclaim valuable time in your schedule. With ready-to-use detections, filtered alerts, and established response playbooks, IT departments can derive substantial security benefits through Blumira. Fast Setup, Instant Benefits: Seamlessly integrates with your technology ecosystem and is fully operational within hours, eliminating any waiting period. Unlimited Data Ingestion: Enjoy predictable pricing alongside limitless data logging for comprehensive lifecycle detection. Streamlined Compliance: Comes with one year of data retention, ready-made reports, and round-the-clock automated monitoring. Exceptional Support with a 99.7% Customer Satisfaction Rate: Benefit from dedicated Solution Architects for product assistance, a proactive Incident Detection and Response Team developing new detections, and continuous SecOps support around the clock. With this robust offering, your team can focus on strategic initiatives while we handle the intricacies of security management.
Learn more
CyFIR Investigator Reviews
CyFIR Investigator
CyFIR offers advanced digital security and forensic analysis tools that deliver exceptional visibility at endpoints, enhanced scalability, and rapid resolution times. Organizations with strong cyber resilience experience minimal to no impact when faced with security breaches. The cyber risk solutions provided by CyFIR enable the identification, examination, and mitigation of current or potential threats at a pace 31 times quicker than conventional EDR systems. In today's landscape, where data breaches are increasingly common and more damaging, the need for robust security is paramount. The attack surface for these threats now stretches far beyond an organization's premises, incorporating countless interconnected devices and endpoints scattered across remote sites, cloud environments, SaaS platforms, and various other locations, necessitating comprehensive security measures.
Learn more
ASGARD Management Center Reviews
ASGARD Management Center
The ASGARD Management Center stands out as an exceptional platform for incident response, enabling users to conduct comprehensive enterprise-wide THOR scans effortlessly. It boasts a user-friendly interface that simplifies the execution of intricate response playbooks across as many as one million endpoints, all managed from a centralized console. Delivered as a hardened virtual appliance, ASGARD includes agents compatible with Microsoft Windows, Linux, AIX, and MacOS. Its robust API allows for seamless integration with various SOAR frameworks, sandboxes, antivirus solutions, SIEM systems, CMDBs, and IPS devices, essentially connecting with any security technology you utilize. This brief demonstration illustrates how straightforward it is to initiate a scan using custom Indicators of Compromise (IOCs) sourced from a linked MISP. In this instance, we identify all events containing the term “Emotet,” incorporate them into a newly created rule set, and deploy that rule set in a fresh Group Scan utilizing THOR, showcasing the platform's versatility and efficiency in threat detection and response. Additionally, this capability enables security teams to respond more rapidly to emerging threats by leveraging real-time data and automation.
Learn more

Integrations

View Integrations

Reviews

Total
ease
features
design
support

No User Reviews. Be the first to provide a review:

Write a Review

Company Details

Company:
Nextron Systems
Year Founded:
2017
Headquarters:
Germany
Website:
www.nextron-systems.com/thor/

Media

THOR Screenshot 1
THOR Screenshot 1 THOR Screenshot 2
Recommended Products
MongoDB Atlas runs apps anywhere Icon
MongoDB Atlas runs apps anywhere

Deploy in 115+ regions with the modern database for every enterprise.

MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
Start Free

Product Details

Platforms
Windows
Mac
Linux
Types of Training
Training Docs
Training Videos
Customer Support
Online Support

THOR Features and Options

Incident Response Software

Attack Behavior Analytics
Automated Remediation
Compliance Reporting
Forensic Data Retention
Incident Alerting
Incident Database
Incident Logs
Incident Reporting
Privacy Breach Reporting
SIEM Data Ingestion / Correlation
SLA Tracking / Management
Security Orchestration
Threat Intelligence
Timeline Analysis
Workflow Automation
Workflow Management

THOR Lists

THOR User Reviews

Write a Review
  • Previous
  • Next