Easy to deploy
No pre-installed agent is required. Machine states can be collected via our standalone tool DumpIt and its PowerShell interface, giving your organization more flexibility.
Stay ahead of adversaries: take snapshots and archive your system for retroactive hunting. Unlike with log files, if you have a copy of your entire machine’s state you can look for threats and unfamiliar activities by comparing historical records.
Endpoint solutions will give you alerts but won’t give you the opportunity to look into the core of your machine. Comae Stardust takes you on that deeper dive into your systems.
Our leading internal threat intelligence team continuously monitors new types of attacks and contributes to updating our detection methods.
DumpIt by @ComaeTech is really fantastic for memory acquisition, it's able to take a full image of a Windows 10 VM with 4 GB of RAM in *40 seconds*
— Christophe (@christophetd) April 29, 2020
Memory forensics at scale has always been hard, however @msuiche from @ComaeIO is doing some interesting work with memory analysis at scale. #DFIR #MemoryForensics #IncidentResponse https://t.co/pqpFNjOpgp
— Josh Lemon (@joshlemon) March 3, 2020
It's cool to see orgs like @ComaeIO making it easier to snapshot system memory to facilitate future investigations. This is a powerful idea that adds another landmine for intruders to try to avoid, while giving defenders potentially rich host-centric forensic data. HT @allenmale https://t.co/QqH4pbEX1D
— Richard Bejtlich 💾 🇺🇦 (@taosecurity) April 25, 2019
Wow I have to say that @ComaeIo Stardust is very straightforward for #malware hunting in memory dump! Awesome job man @msuiche pic.twitter.com/1PKG9QDouY
— Thomas Roccia 🤘 (@fr0gger_) October 10, 2017
I should familiarize myself with Comae. This company seems to have some amazing skillz.
— Chris Wysopal (@WeldPond) February 1, 2018
I confirm that Comae has so much innovation in here. This is definitely a quick win solution for servers where we can not contractually apply updates such as ones in plants.
— Vincent Le Toux (Paris) (@mysmartlogon) February 18, 2018
Something between « run the AV » (which detects nothing) and a full month forensic investigation.
#DFIR Looking for more memory dumps to dig into? Here is my newest one! https://t.co/yP795BC6pO -> Win10x64_18362 DevVM Gargoyle-laden (thx @jalospinoso) acquired with dumpit (thx @msuiche) & analyzed with win10compression support (thx @MalwareMechanic)
— be still. (@sibertor) February 2, 2020
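Owned media LAC WATCH:
— LAC Official (@lac_security) January 30, 2020
[Cyber Emergency Center Report No. 8: Incident Response for Cloud Services]
A report has been published in which LAC's Cyber Emergency Center analyzes cyber attack trends and more, based on information obtained through incident investigations. Please take a look. https://t.co/mz4FBtorWO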
I’ll take a portable Comae Stardust setup too, thank you very much.
— J. A. Guerrero-Saade (@juanandres_gs) March 11, 2019
DumpIt, now for Linux as well!
— cteodor (@cteodor) November 18, 2019
Great tools from Comae. #DFIR https://t.co/MHOjnbOZou