THE TRIAGINGX DIFFERENCE
TXSandbox provides powerful insights on executables, active document, script and malicious URL’s and finds new threats that signature/IOC scanning fails to detect…
Learn how TXHunter conducts highly focused incident investigations remotely. It is easier and faster to deploy than EDR or ad-hoc tools, and collects, analyzes and interprets results in minutes not hours…
Learn how TXShield goes beyond protecting the first discovery of the attack, by determining the attack methods and automatically running ‘fire-drill’ tests on other connected systems in order to block those attack methods …
Learn how a Global Forensic Response team was able to use TXHunter to rapidly identify the presence of advanced malware on a critical production windows server on one of their client’s environments.
TXHunter automates the endpoint investigation “playbook”. When a suspect endpoint is identified from the Security Operation or Helpdesk team (or technology), a small disposable agent is deployed to the endpoint. It simply collects the relevant artifacts to determine if the system has been compromised and runs a series of hypotheses of various attacks on that data. If it identifies malicious activities, it then collects the associated files and uploads them for analysis with the integrated next-generation sandbox. A comprehensive report is then generated and placed into the workflow for review and remediation. The entire process can happen in about 15 minutes.
Bottom line, TXHunter automates the endpoint investigation playbook, improving the quality and speed of the investigations, rendering those results in easy to understand format while driving down the costs.
Most of our customers acknowledge that one of their primary challenges is how to deal with the large number of alerts they receive from their AV, EDR, SIEM or helpdesks. They need an effective and efficient method to investigate these endpoints, workstations and servers to determine if they have been compromised. TXHunter will allow them to address this need with their existing resources, improving the quality of their work and allowing them to scale to meet the company’s needs. Of course, failure to meet this need can be catastrophic, allowing an uninvestigated alert to turn into a potential breach.