ArcticMyst Security is free and open source EDR (endpoint detection & response) software for Windows. We log data such as the following, which is sent to the DeepTide server and used for our professional threat hunting / monitoring service:

1) Processes executed

2) SHA256 of processes executed

3) Process command line

4) Registry startup changes (these cause a systray balloon notification alert)

5) Changes to the PendingFileRenameOperations registry value

Additionally, there is a feature for symmetrically encrypting text with a passphrase; this leverages Serpent encryption with Whirlpool hashing.

The software is completely free to use; however, threat hunting and analytics performed by us on your logs is a paid service. Please contact us for more info.

GitHub - chr0meice2/arcticmyst