The Crypsis Group, a leading incident response, risk management and digital forensics firm, announced the launch of Hadron, an advanced Endpoint Detection and Response (EDR) platform that provides real-time monitoring, collection and querying of forensic artifact data.
Hadron is a powerful tool that provides Crypsis incident responders with unparalleled insight into ongoing and/or historical data breach activities, thereby greatly accelerating their client investigations.
Hadron collects and analyzes the data most relevant to today’s attacks in modern environments in seconds, enabling investigators to quickly and accurately determine the scope and impact of an active client breach—facilitating faster response times.
“Hadron not only gathers all relevant data from endpoints but also combines it with threat intelligence data curated by investigators to provide a highly accurate, targeted picture of the current threat and appropriate breach response,” said Bret Padres, CEO of The Crypsis Group.
“We are pleased to be able to unveil this technology. Our developers have been working hard on Hadron, and now we are putting it in the hands of our data breach responders.”
Hadron will empower The Crypsis Group’s entire catalog of services including investigations into ransomware outbreaks, web server compromises, malicious insiders and business email compromises.
Additionally, Hadron is now integrated with our Managed Services offerings, allowing for 24/7 monitoring. Its multi-platform support (including Microsoft Windows, Mac and Linux) means investigations need not be limited by the host environment or nature of the data breach.
“Over the past decade as an incident responder, I have wanted a tool that could provide visibility over an entire environment while also having the flexibility to perform a deep-dive, forensic analysis on a host-by-host basis,” said Josh Shomo, senior director and Hadron architect, The Crypsis Group.
“Hadron is that tool. Want to monitor malicious PowerShell activity across a network? Done. Want to analyze file access using ShellBag, LNK file, or Jumplist data? No problem—we can do that for our clients.”