The ASGARD manual is available in an online version. So far documentations have been provided as PDF file. From version 2.4 of ASGARD onwards, we publish the documentation on an online form. You can find the most recent version here.
In our recent webinar with Joe Stocker from Patriot Consulting and Matt Soseman from Microsoft, we had the chance to showcase the integration of THOR into Microsoft Defender ATP. You can register and watch the webinar here.
The following slides contain information on changes and new feature in several of our products. VALHALLA Product Update and New Features DOWNLOAD Slide DeckTHOR Cloud Technical Implementation, RoadmapDOWNLOAD Slide Deck
In the first week of June, we plan to release Master ASGARD v2. Master ASGARD is an ASGARD version that is able to connect to and control an unlimited number of ASGARD servers. While each ASGARD supports 25,000 connected endpoints, a Master ASGARD server can control...
PE Sieve Integration With the integration of @hasharezade's PE Sieve project THOR is able to detect and report a variety of process implants like replaced or injected portable executables (process hollowing), injected shellcodes, hooks and in-memory patches....
Nextron announces the end-of-sale and end-of-life dates for the ASGARD version 1 and Master ASGARD version 1. The last day to order the affected product(s) is May 31, 2020. Customers with active service contracts will continue to receive support as shown until June...
Rule Info Pages The new rule info pages allow you to get more information on a certain rule. You can find all the meta data, as well as past rule matches and previous antivirus verdicts. A second tab contains statistics. You can also report false positives that...
With this blog post we would like to inform you that our End-of-Life (EOL) products THOR 8 and SPARK will reach their End-if-Service-Life (EoSL) on 31th of October 2020. From this day onwards, product and signature updates will not be available anymore. Please...
We are proud to announce the release of THOR Lite. It is a trimmed-down version of THOR v10 with a reduced feature set and the open source signature base used in LOKI and the now obsolete scanner SPARK Core. It uses the completely rewritten code base of THOR v10...
The last five months we've been working on a shiny new version of our ASGARD platform that overcomes previous limitations and includes exciting new features. ASGARD 2 is a completely rewritten management platform, featuring a new interface, load balancing options, a...
Update 14.02.2023 The information in this blog post is outdated. For more information on how to scan appliances remotely using SSH see this newer blog post. In this blog post I'd like to outline an idea on how to perform an automated compromise assessment on Citrix...
Why Integrate THOR into Microsoft Defender ATP While Microsoft Defender ATP fully plays off its strength in detecting live attacks, suspicious process starts and network connections, THOR shines as a live forensic scanner that scans the local filesystem, registry,...