AccessData has released version 4 of its flagship Forensic Toolkit (FTK) product as well as two new expansion modules for forensic examiners and malware analysts.
Cerberus is a malware analysis and triage technology aimed at reducing the level of expertise required to triage suspected malware. AccessData hopes that the new module will allow incident responders to gain actionable intelligence on malware threats without waiting for a malware team to analyze binaries in a sandbox using traditional, and often time-consuming, reverse-engineering techniques. Providing the first step toward automated reverse engineering, Cerberus assigns threat scores and performs disassembly analysis to determine the behavior and intent of suspect binaries, prior to sending them on for deeper analysis.
The Visualization module allows FTK users to view data in multiple display formats, including timelines, social analyzer, pie charts and more. This release combines the back-end processing of FTK with a new graphical analytic interface, allowing FTK users to enhance the accuracy and speed with which they can analyze case data.