Guidance Software Adds Volatile Data Reporting

With the addition of volatile reporting, EEE now remotely analyzes both volatile and static data on potentially compromised servers and workstations, the company said.

As defined by Guidance, volatile data exists in the memory of a server or workstation that can be lost during a power outage or a systems failure vs. static data that is stored on hard drives, USB devices and CDs.

Snapshot, a function within EEE, literally takes a snapshot of volatile information to give a view of what was happening on a system at any given point in time. If an incident occurs, Snapshot has captured where the incident may have originated from, such as an open port, executables running on a computer or open files for example.

"What it does is keeps track of what the system is doing, who is on the system and what they are looking at," said Robert Shields, vice president of marketing at Guidance, Pasadena, Calif. "It tests live applications to make sure someone hasn't come in and added an active application that should not be on a system and renamed it as an Outlook application, for example, which is supposed to be on the system and is considered a trusted application."

id
unit-1659132512259
type
Sponsored post

EEE also now includes Linux kernel support for Linux versions 2.4x and above such as Red Hat and SuSE Linux.