Use the Mandiant Redline memory analysis tool for threat assessmentsDate: Mar 26, 2013
There will always be times when a user clicks on a malicious email attachment and infects his or her system. The question for security pros is what to do when that user reports the incident. Of course, you have to quarantine the malware to stop it from spreading to other users, but you also want to collect information to better understand how the system was compromised. With the Mandiant Redline memory analysis tool, security pros can quickly conduct thorough threat assessments and clarify the severity of such attacks.
In this SearchSecurity.com screencast, Keith Barker, CISSP and trainer for CBT Nuggets, walks through the three simple steps involved with using the Redline tool. First, he shows how to create a collector so Redline knows what information needs to be gathered. Once the collector is created, Keith loads Redline and analyzes the infected system. Finally, he shows how Redline can conveniently rank the discovered threats using Mandiant's Malware Risk Index. And because Redline can be used for memory analysis, hard-to-detect malware such as rootkits can be located with less effort. With the free Redline tool, security pros are no longer left guessing how a system was infected or which threat poses the greatest risk to user security.
About CBT Nuggets
CBT Nuggets is a computer-based technology company specializing in cutting edge online IT training. Founded in 1999 by current CEO Dan Charbonneau, CBT Nuggets provides quick, easy and affordable learning by renowned instructors for individuals, small teams and large organizations. CBT Nuggets also offers a wealth of free videos on a variety of IT topics on the CBT Nuggets YouTube video channel.
About Keith Barker
Keith Barker, CISSP, a trainer for CBT Nuggets, has more than 27 years of IT experience. He is a double CCIE and has been named a Cisco Designated VIP. Keith is also the author of numerous Cisco Press books and articles.