In today’s economic climate, security teams, just like the rest of the population, are looking for every way they can find to save money and make their budgets go farther. And that can often mean seeking out free alternatives to the enterprise applications and tools that can be brutally expensive. Free and open-source tools have been gaining in popularity for the last few years, with some security professionals preferring them to commercial software.
Picking up on this trend, NetWitness on Monday decided to roll out a free version of its high-end Investigator threat-analysis tool. The tool has most of the capabilities of the paid version of Investigator, aside from some limits on the amount of data that can be captured and analyzed. Designed mainly for use in the capture and analysis of live traffic on networks, the free version of Investigator has the ability to decrypt SSL traffic, includes IPv6 support and a list of other features.
Mandiant, a security consultancy that specializes in forensics work, also has released a free analysis tool, called Memoryze, that is capable of live memory acquisition and gives a detailed view of exactly what’s going on in a specific machine’s memory. Each of these tools is meant to get potential customers interested in the companies’ paid products and services, but each has plenty of value on its own as well. The Internet Storm Center also has a good write-up on Investigator.