Rastrea2r


Rastrea2r: A Versatile Open Source Tool for Incident Response

Rastrea2r is a multi-platform, open-source tool designed for incident responders and SOC analysts. It lets them triage suspect systems quickly and hunt for Indicators of Compromise (IOCs) across thousands of endpoints in minutes.

Executing Sysinternals and System Commands Across Multiple Endpoints

Rastrea2r can run Sysinternals utilities, native system commands, and third-party tools (including custom scripts) across many endpoints at once, saving the output to a central share for automated or manual analysis. Through its client/server RESTful API, it applies YARA rules to hunt for IOCs both on disk and in memory across multiple systems. Because it is a command-line tool, rastrea2r integrates with McAfee ePO and other antivirus consoles and orchestration tools, so incident responders and SOC analysts can collect forensic evidence and search for IOCs without deploying an additional agent.