Identify malicious activity on a system via a comprehensive memory and file analysis using the deployment kit you create via this tool.
- Mandiant Redline
- Version: 1.20
- License: Freeware
- OS: Windows All
- Publisher: Mandiant
Mandiant Redline Description
Mandiant Redline is a handy utility that allows you to detect newly released viruses and other types of malware that are likely to be missed by standard antivirus solutions.
Quick setup and intuitive interface
The setup is quick, straightforward and does not require any special attention on your part. Upon launch, you come face to face with a user-friendly UI that includes detailed instructions on how to create a deployment kit and, with it, identify and quarantine potential threats.
The idea behind the utility is to allow you to create a kit that you can deploy from a USB stick and that scans your system to detect potential threats. Once you create the collector package, you can run an audit on your machine to grab data about your system that you can examine thoroughly via the analyzer tool.
Enables you to spot actual new threats
To put it simply, the utility is designed to target executable files that are not signed or verified. Consequently, you should expect to get quite a few false positives. Before you dismiss the app, it is worth mentioning that the program permits you to browse the files, directories, processes, registry keys, semaphores, mutants, events and sections associated with the process.
For advanced users, this can help differentiate between a false positive and an actual threat that made its way into your system. In addition to these items, the tool also allows you to preview the strings within each process space along with the network connections it has opened. Given the type of information it provides and the in-depth analysis you need to conduct on your own, it is safe to state that the tool is aimed at advanced users.
A handy tool for identifying new malware on your computer
Generally speaking, if you get malware on your computer and your antivirus is updated, then it is likely that it gets quarantined before any real damage can be done. On the other hand, if your system gets attacked by a brand new specimen of malware, then there is a high chance that you can find it using Mandiant Redline.