Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

5/17/2011
12:33 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

HBGary Offers Free Responder Community Edition

Responder Community Edition provides thorough memory analysis capability

CEIC 2011 Conference, Orlando, FL – May 17th, 2011 – HBGary, Inc., (http://www.hbgary.com) today introduced Responder™ Community Edition, a new, free version of its flagship Responder™ product, the de facto industry standard for physical memory analysis, an essential part of any digital investigation.

Limited copies of this new free tool are available on CD at HBGary booth #201 at the Computer and Enterprise Investigations Conference (CEIC) 2011. HBGary is a Platinum sponsor for the event.

Critical digital evidence of today’s malware and other advanced targeted attacks can be found in physical memory: user names and passwords, encryption keys, instant messenger chat sessions, unencrypted data, open documents and emails, encryption keys, hidden code like rootkits, and registry information. All this data can help provide contextual threat intelligence about a criminal’s activity on the computer.

“When we first introduced Responder™ several years ago, memory forensics tools were primarily used by early adopters such as government and law enforcement agencies. Today most industries and corporations, large and small, want the same in-depth, threat intelligence to protect their organizations. Built on the same comprehensive and complete live Windows' memory investigation platform as our other two Responder™ products, Responder™ Pro and Responder™ Field Edition, Responder™ Community Edition offers a new, cost-effective way to gather this critical intelligence found only in computer memory,” said Greg Hoglund, CEO of HBGary, Inc.

About Responder™ Community Edition

Like its sister products, Responder™ Community Edition provides the most thorough and comprehensive memory analysis capability in the industry. Responder™ Community Edition virtually rebuilds all the underlying data structures up to 6 gigabytes of RAM. This includes all physical to virtual address mappings, recreates the object manager, exposes all objects, and enables investigators to perform a complete and comprehensive computer investigation.

About the Responder™ Windows' Memory Investigation Platform

The HBGary Responder™ platform is designed to perform a comprehensive and complete live Windows memory investigation. Responder allows analysts and investigators to easily preserve the entire contents of live memory and the Pagefile on Windows operating systems in a forensically sound manner. Responder then analyzes and diagnoses the memory image to reveal operating system, user, and application information critical to computer investigations. Harvested information includes both kernel and user-mode objects, structures, binaries, and other useful artifacts. When malicious or suspect applications, drivers, and other executables are found Responder can seamlessly extract the file(s) from the memory image retaining portable executable (PE) structure so they can be further diagnosed, executed, and monitored in their unpacked state.

This methodology allows Responder to defeat many packers and other obfuscation techniques used by malware writers.

Analysts requiring even deeper understanding of malware or suspicious applications can perform binary and runtime forensic analysis with run trace, data flow tracing, and debugging capabilities.

Availability

Responder™ Community Edition is available now for download by registered HBGary users. If you already have an HBGary Support account, you can log in at support.hbgary.com and download the product from the Product Downloads page. If you are not already a registered HBGary user, please visit http://www.hbgary.com/request-account to request an account.

To learn more about our commercial Responder solutions, Responder Pro and Responder Field Edition, please visit http://www.hbgary.com/products. For more information on HBGary’s community free tools please visit http://www.hbgary.com/free-tools.

About HBGary, Inc.

HBGary, Inc. was founded in 2003 to counter advanced cyber threats and to develop products for incident response and malware reverse engineering. HBGary has an expert history dealing with advanced malware, rootkits, zero-day exploitation, and advanced targeted threats such as APT. Current customers include Fortune 500 financial, pharmaceutical and entertainment companies as well as the Department of Defense, Intelligence Community and other U.S. government agencies. HBGary is headquartered in Sacramento and has offices in Washington D.C. For more information on HBGary, please visit http://www.hbgary.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27218
PUBLISHED: 2020-11-28
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is ...
CVE-2020-29367
PUBLISHED: 2020-11-27
blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.
CVE-2020-26245
PUBLISHED: 2020-11-27
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or sani...
CVE-2017-15682
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
CVE-2017-15683
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.