12
Key Facts
- Impressive Detection Rate: THOR’s impressive detection rate is well-known in the industry and fits the needs of threat hunters around the globe. Thousands of generic signatures detect anomalies, obfuscation techniques and suspicious properties to rapidly accelerate compromise assessments.
- Focus is Hacking Activity: THOR focuses on everything the Antivirus misses. With its huge signature set of thousands of YARA and Sigma rules, IOCs, rootkit and anomaly checks, THOR covers all kinds of threats. THOR does not only detect the backdoors and tools attackers use but also outputs, temporary files, system configuration changes and other traces of malicious activity.
- Flexible Deployment: THOR doesn’t have to be installed. You can just copy it to a remote system, run it from a network share or use it on USB drives that you carry to the affected systems. However, you can deploy it for continuous compromise assessments using the ASGARD agents.
Categories
Mobile security Network security Data center security Endpoint security Security management SIEM Security information and event management APT protection Anti-virus and malware protection Threat analysis Compliance / GRC (products and services) Computer emergency response team (CERT) Data leakage / loss prevention Data protection, data security Auditing Consulting IT security
Product information
THOR is the most sophisticated and flexible compromise assessment tool on the market.
Incident response engagements often begin with a group of compromised systems and an even bigger group of systems that are possibly affected. The manual analysis of many forensic images can be challenging.
THOR speeds up your forensic analysis with more than 17,000 handcrafted YARA signatures, 400 Sigma rules, numerous anomaly detection rules and thousands of IOCs.
THOR is the perfect tool to highlight suspicious elements, reduce the workload and speed up forensic analysis in moments in which getting quick results is crucial.
Product Expert
Download product information