File Hash Analytics


SOC Prime Community

Download $600

Description

The File Hash Analytics use case tracks hashes of potentially harmful software and files, and the processes they start, across the company's hosts. It also lets you track rare hashes, identical file names with different hashes, and identical hashes under different file names, and it displays the directories involved. The package also includes an integration command to check a particular hash at VirusTotal directly from the Active Channel.

Minimum Requirements

SIEM: HPE ArcSight ESM 6.9 or higher.

Log Sources:

  • Microsoft Sysmon logs.
  • Antivirus logs.

File Hash Analytics comes with a Sysmon parser for the WINC connector, built for Sysinternals Sysmon v6.00 by Mark Russinovich and Thomas Garnier.

Releases

Release: File Hash Analytics 1.0
Size: 505.2 KB
Date: Oct 2, 2017
Product Compatibility

  • ESM: Version 7.0; Version 6.9.1 · 6.11.0
  • ESM Express: Version 6.9.1

Release Notes

Version 1.0

✓ Initial version.

Languages
English