伶盗龙 is a unique, advanced open-source endpoint monitoring, digital forensic 和 cyber response platform. It provides you with the ability to more effectively respond to a wide range of digital forensic 和 cyber incident response investigations 和 data breaches.
At the press of a (few) buttons, perform targeted collection of digital forensic evidence simultaneously across your endpoints, with speed 和 precision.
Don't wait until an event occurs. Actively search for suspicious activities using our library of forensic artifacts, then customize to your specific threat-hunting needs.
Continuously collect endpoint events such as event logs, file modifications 和 process execution. Centrally store events indefinitely for historical review 和 analysis.
合作伙伴hip with Rapid7 耐多药 delivers: