Company Profile
Fortune 1000 Global Manufacturing Company with 10,000+ employees
Problem
Company has been hit with malware and ransomware in the past. They have multiple cyber security tools in place, however are worried about existing endpoint protections and would like the ability to search for both SHA-1 hash values as well as snippets of code identified by IT staff as potentially malicious.
Solution
Heureka's endpoint service automatically creates both MD5 and SHA1 hashes for each file that is indexed. Interrogate has a built-in hash value search along with known hash-based Indicators of Compromise. A single scan across all endpoints for all IOC's will indicate whether or not an endpoint may have compromised software. Additionally, with keyword searching it is possible to run a code snippet search to discover endpoints with plain-text code.
