RECON the first generation forensic capability developed utilizing Behavior Computation is an all-in-one malware and network analysis solution to aid incident responders and forensic investigators in the battle to understand their adversaries and provide actionable objects to aid in the development of defensive strategies. With just a click of a button, incident responders and forensic investigators can find the truth behind Cyber attacks while significantly reducing the level of effort and time to perform manual analysis.
How it Works
RECON combines five types of traditional malware analysis into a single process, providing more information to the user in less time.
A user can simply upload any of 4 types of artifacts:
- Packet Capture
- Live Memory Capture
- Suspicious File (exe, pdf, doc, etc.)
- Universal Resource Locator (URL)
What is Cyber Intelligence?
As an added bonus, R&K can provide an option for an advanced integration into the Department of Homeland Security (DHS) under our approved CRADA through the Cybersecurity Information Sharing & Collaboration Program (CISCP) where the transport method incorporates the STIX/TAXI sharing platforms.
- Advanced integration from multiple cyber intelligence feeds, such as the Department of Homeland Security (DHS) Cybersecurity Information Sharing & Collaboration Program (CISCP) under our approved CRADA.
- When a high visibility exploit or zero day hits the news, RECON will automatically be updated to detect it