Dig Deeper into Your Organization’s Endpoints

Velociraptor

Velociraptor is a unique, advanced open-source endpoint monitoring, digital forensic and cyber response platform. It gives you the ability to respond more effectively to a wide range of digital forensic and cyber incident response investigations and data breaches.

Collect

At the press of a (few) buttons, perform targeted collection of digital forensic evidence simultaneously across your endpoints, with speed and precision.

Hunt

Don't wait until an event occurs. Actively search for suspicious activity using our library of forensic artifacts, then customize it to your specific threat-hunting needs.

Monitor

Continuously collect endpoint events such as event logs, file modifications and process execution. Centrally store events indefinitely for historical review and analysis.

Key forensic features

  • Continuous endpoint-event collection
  • Library of forensic artifacts
  • Customizable threat-hunting
  • Central storage of events – indefinitely
  • Velociraptor-powered Insight agents
  • Investigations in weeks – not months

Novel analysis with multiple forensic capabilities

Partnership with Rapid7 MDR delivers:

  • String together different digital forensic capabilities for a customized investigation and a situational approach to threat hunting. Rapidly go from an advisory or a new hunting idea to actionable data and DFIR analysis in minutes. Leverage the power of Velociraptor Query Language (VQL) to create custom artifacts, which allow you to collect, query and monitor almost any aspect of an endpoint, a group of endpoints, or an entire network – then use it to launch your incident response.

Velociraptor Resources

  • MDR
  • VeloCON 2023
  • Report
  • Blog
  • Artifact Exchange