[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”4.4.2″ hover_enabled=”0″]<\/p>\n
3. Some contracts include a free ASGARD Management Center and Analysis Cockpit<\/h1>\n
Enterprise customers with a valid support contract for our scanners are eligible for a free ASGARD Management Center<\/a>, which is able to control and schedule scans on up to 10.000 end points and an Analysis Cockpit<\/a>, that allows you to ingest and analyze the logs of up to 50.000 end points in a comfortable manner.<\/p>\n Customers with more than 10.000 licensed endpoints are eligible for additional ASGARD Management Centers and a MASTER ASGARD, which is the central management for multiple ASGARD systems.\u00a0<\/p>\n See the Video Tutorials<\/a> page to learn how these systems can help you with you daily management and analysis tasks. If you are interested in these systems and your account status, please contact your account manager.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” column_structure=”1_3,2_3″][et_pb_column type=”1_3″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n The customer portal contains a CSV with information on all 9973 YARA rules in our signature set (as of 16.02.2019). This way you can verify if a certain threat group or campaign is covered by our rules or not. You can find that CSV in the “Software Information” section together with binary hashes and an update server status on all our products.<\/p>\n [\/et_pb_text][\/et_pb_column][et_pb_column type=”2_3″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2019\/02\/Screenshot-2019-02-16-at-10.53.15.png” align_tablet=”center” align_last_edited=”on|desktop” _builder_version=”4.4.2″ hover_enabled=”0″][\/et_pb_image][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2019\/02\/Screenshot-2019-02-16-at-10.54.48.png” align_tablet=”center” align_last_edited=”on|desktop” _builder_version=”4.4.2″ hover_enabled=”0″][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” column_structure=”1_3,2_3″][et_pb_column type=”1_3″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n We do not support this coexistence but prepared everything to make it easier for you to install Kibana next to our own interface to analyze the collected log data. The analysis cockpit manual has a chapter that explains how to install Kibana on an Analysis Cockpit. The Analysis Cockpit wraps Kibana and serves access as reverse proxy providing a common authentication. You can manage the service from within the “Settings” section of the Analysis Cockpit.<\/p>\n [\/et_pb_text][\/et_pb_column][et_pb_column type=”2_3″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2019\/02\/Screenshot-2019-02-13-at-14.46.30.png” show_in_lightbox=”on” align_tablet=”center” align_last_edited=”on|desktop” _builder_version=”4.4.2″ max_width=”35%” hover_enabled=”0″][\/et_pb_image][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2019\/02\/Screenshot-2019-02-13-at-14.53.19.png” align_tablet=”center” align_last_edited=”on|desktop” _builder_version=”4.4.2″ hover_enabled=”0″][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n If you have any feedback, questions on these features, please let us know.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":" We constantly improve the quality of our products and services, add features and create new bundles. Follow ups with our customers showed that not all of these changes reach their attention. They are often surprised and excited to hear about these features, free tools or license bundles. This is a list of the changes that often go unnoticed. 1. Scanner licenses allow you to run THOR and SPARK Customers who have bought scanner licenses to scan Servers and Workstations, be it an Enterprise or Host-based license, can use both our scanners THOR and SPARK. If you have bought an Enterprise license for THOR in the past, you are also allowed to download and use this license with SPARK on Linux or macOS endpoints. Download SPARK from the “Downloads” section in the customer portal. 2. SPARK applies Sigma rules on endpoints Customers are often surprised to hear that. We have customers that are not allowed to collect logs on endpoints due to legal restrictions but they are able to start executables like our scanner SPARK on endpoints, which is able to apply Sigma rules on local Eventlogs. This way, they can apply detection rules on systems that they do not actively […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":" We constantly improve the quality of our products and services, add features and create new bundles. Follow ups with our customers showed that not all of these changes reach their attention. They are often surprised and excited to hear about these features, free tools or license bundles.<\/p> This is a list of the changes that often go unnoticed:<\/p> Customers who have bought scanner licenses to scan Servers and Workstations, be it an Enterprise or Host-based license, can use both our scanners THOR and SPARK. If you have bought an Enterprise license for THOR in the past, you are also allowed to download and use this license with SPARK on Linux or macOS endpoints. Download SPARK from the \"Downloads\" section in the customer portal.<\/p> Customers are often surprised to hear that. We have customers that are not allowed to collect logs on endpoints due to legal restrictions but they are able to start executables like our scanner SPARK on endpoints, which is able to apply Sigma rules on local Eventlogs. This way, they can apply detection rules on systems that they do not actively monitor.<\/p> The blog post -\u00a0SPARK uses Sigma Rules in Eventlog Scan<\/a> has more information on that feature.<\/p> Enterprise customers with a significant number of licensed endpoints are eligible for a free ASGARD Management Center, which is able to control and schedule scans on up to 10.000 end points and an Analysis Cockpit, that allows you to ingest and analyze the logs of up to 50.000 end points in a comfortable manner.<\/p> See the Video Tutorials<\/a> page to learn how these systems can help you with you daily management and analysis tasks.<\/p> If you are interested in these systems and your account status, please contact your account manager.<\/p> The customer portal contains a CSV with information on all 9973 YARA rules in our signature set (as of 16.02.2019). This way you can verify if a certain threat group or campaign is covered by our rules or not.<\/p> You can find that CSV in the \"Software Information\" section together with binary hashes and an update server status on all our products.<\/p> The CSV looks like this:<\/p> We do not support this coexistence but prepared everything to make it easier for you to install Kibana next to our own interface to analyze the collected log data. The analysis cockpit manual has a chapter that explains how to install Kibana on an Analysis Cockpit.<\/p> The Analysis Cockpit wraps Kibana and serves access as reverse proxy providing a common authentication.<\/p> You can manage the service from within the \"Settings\" section of the Analysis Cockpit:<\/p>4. YARA signature overview in Customer Portal<\/h1>\n
5. Kibana can be installed together with ASGARD Analysis Cockpit<\/h1>\n
Feedback<\/h1>\n
1. Scanner licenses allow you to run THOR and SPARK<\/h1>
![\"\"](\"http:\/\/nextron.bsk-consulting.de\/wp-content\/uploads\/2019\/02\/Screenshot-2019-02-16-at-10.19.39.png\")
<\/a><\/p>2. SPARK applies Sigma rules on endpoints<\/h1>
3. Some contracts include a free ASGARD Management Center and Analysis Cockpit<\/h1>
4. YARA signature overview in Customer Portal<\/h1>
![\"\"](\"http:\/\/nextron.bsk-consulting.de\/wp-content\/uploads\/2019\/02\/Screenshot-2019-02-16-at-10.53.15.png\")
<\/a><\/p>![\"\"](\"http:\/\/nextron.bsk-consulting.de\/wp-content\/uploads\/2019\/02\/Screenshot-2019-02-16-at-10.54.48.png\")
<\/a><\/p>5. Kibana can be installed together with ASGARD Analysis Cockpit<\/h1>
![\"\"](\"http:\/\/nextron.bsk-consulting.de\/wp-content\/uploads\/2019\/02\/Screenshot-2019-02-13-at-14.46.30-115x300.png\")
<\/a><\/p>
![\"\"](\"http:\/\/nextron.bsk-consulting.de\/wp-content\/uploads\/2019\/02\/Screenshot-2019-02-13-at-14.46.49-1024x369.png\")
<\/a><\/p>![\"\"](\"http:\/\/nextron.bsk-consulting.de\/wp-content\/uploads\/2019\/02\/Screenshot-2019-02-13-at-14.53.19-1024x553.png\")
<\/a><\/p>