[et_pb_section fb_built=”1″ _builder_version=”4.0.6″][et_pb_row column_structure=”2_5,3_5″ _builder_version=”4.0.6″][et_pb_column type=”2_5″ _builder_version=”4.0.6″][et_pb_text _builder_version=”4.0.6″]<\/p>\n
ASGARD Analysis Cockpit\u2019s new version 2.8.2 features an open API to interface with all major sandbox vendors.<\/p>\n
It ships with presets for Cuckoo Sandbox and even allows to connect multiple different sandboxes at the same time. \u00a0<\/p>\n
[\/et_pb_text][\/et_pb_column][et_pb_column type=”3_5″ _builder_version=”4.0.6″][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2019\/12\/Screenshot-2019-12-04-at-15.55.42.png” _builder_version=”4.4.2″ hover_enabled=”0″][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=”2_5,3_5″ _builder_version=”4.0.6″][et_pb_column type=”2_5″ _builder_version=”4.0.6″][et_pb_text _builder_version=”4.0.6″]<\/p>\n
Today users can configure THOR scans in the ASGARD Management Center that collect suspicious files with a given minimum score.<\/p>\n
(side note: a clever mechanism in Bifrost protocol v2 collects only files that have not been collected before)<\/p>\n
The new version of Analysis Cockpit will automatically receive these samples once it gets connected to an ASGARD Management Center.<\/span><\/p>\n <\/p>\n [\/et_pb_text][\/et_pb_column][et_pb_column type=”3_5″ _builder_version=”4.0.6″][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2019\/12\/Screenshot-2019-12-04-at-16.39.52.png” _builder_version=”4.4.2″ hover_enabled=”0″][\/et_pb_image][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2019\/12\/Screenshot-2019-12-04-at-16.40.00.png” _builder_version=”4.4.2″ hover_enabled=”0″][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=”2_5,3_5″ _builder_version=”4.0.6″][et_pb_column type=”2_5″ _builder_version=”4.0.6″][et_pb_text _builder_version=”4.0.6″]<\/p>\n With a connected Sandbox, you can decide to send <all> incoming samples to Sandbox or drop only selected samples manually.\u00a0\u00a0<\/p>\n Analysis Cockpit’s “Sandbox” section shows all collected samples, the affected hosts, hashes, filenames and other data in the “Files” tab.\u00a0<\/p>\n <\/p>\n [\/et_pb_text][\/et_pb_column][et_pb_column type=”3_5″ _builder_version=”4.0.6″][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2019\/11\/Screenshot-2019-11-29-at-17.05.52.png” _builder_version=”4.4.2″ hover_enabled=”0″][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=”2_5,3_5″ _builder_version=”4.0.6″][et_pb_column type=”2_5″ _builder_version=”4.0.6″][et_pb_text _builder_version=”4.0.6″]<\/p>\n The “Reports” tab contains results from each sandbox run.\u00a0<\/p>\n [\/et_pb_text][\/et_pb_column][et_pb_column type=”3_5″ _builder_version=”4.0.6″][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2019\/11\/Screenshot-2019-11-29-at-17.03.17.png” _builder_version=”4.4.2″ hover_enabled=”0″][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=”2_5,3_5″ _builder_version=”4.0.6″][et_pb_column type=”2_5″ _builder_version=”4.0.6″][et_pb_text _builder_version=”4.0.6″]<\/p>\n Each event in “Baselining” section shows an available sandbox report if a hash in the event matches with one of a sample that has been analyzed by the sandbox.\u00a0<\/p>\n [\/et_pb_text][\/et_pb_column][et_pb_column type=”3_5″ _builder_version=”4.0.6″][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2019\/12\/Screenshot-2019-12-04-at-17.18.43.png” _builder_version=”4.4.2″ hover_enabled=”0″][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=”2_5,3_5″ _builder_version=”4.0.6″][et_pb_column type=”2_5″ _builder_version=”4.0.6″][et_pb_text _builder_version=”4.0.6″]<\/p>\n The Analysis Cockpit API allows the retrieval of collected sample files and the upload of any type of report.\u00a0<\/p>\n [\/et_pb_text][\/et_pb_column][et_pb_column type=”3_5″ _builder_version=”4.0.6″][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2019\/11\/Screenshot-2019-11-29-at-17.02.51.png” _builder_version=”4.4.2″ hover_enabled=”0″][\/et_pb_image][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":" ASGARD Analysis Cockpit\u2019s new version 2.8.2 features an open API to interface with all major sandbox vendors. It ships with presets for Cuckoo Sandbox and even allows to connect multiple different sandboxes at the same time. \u00a0Today users can configure THOR scans in the ASGARD Management Center that collect suspicious files with a given minimum score. (side note: a clever mechanism in Bifrost protocol v2 collects only files that have not been collected before) The new version of Analysis Cockpit will automatically receive these samples once it gets connected to an ASGARD Management Center. With a connected Sandbox, you can decide to send <all> incoming samples to Sandbox or drop only selected samples manually.\u00a0\u00a0 Analysis Cockpit’s “Sandbox” section shows all collected samples, the affected hosts, hashes, filenames and other data in the “Files” tab.\u00a0 The “Reports” tab contains results from each sandbox run.\u00a0Each event in “Baselining” section shows an available sandbox report if a hash in the event matches with one of a sample that has been analyzed by the sandbox.\u00a0The Analysis Cockpit API allows the retrieval of collected sample files and the upload of any type of report.\u00a0<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[36,46],"tags":[90,76,165,124,218,217],"class_list":["post-5050","post","type-post","status-publish","format-standard","hentry","category-asgard-analysis-cockpit","category-newsletter","tag-analysis","tag-asgard","tag-collection","tag-malware","tag-sample","tag-sandbox"],"yoast_head":"\n