Leverage Ultru and unleash a powerful, force-multiplier into your next IR pursuit.
Utilize the many ways to deploy Ultru:
• Direct download from Ultru Platform
• Active Directory group policy
• System center configuration manager
• Removable media
To extract signals from hosts, Ultru uses a dissolvable agent that is keyed to each customer and/or engagement. The agent uses environmentally sensing, variable memory and thread management that detects available resources during every query deemed to be system intensive.
The results are nearly instant. The Ultru Interrogator can be delivered to remote systems via web, API, or through local group policies. Artifacts collected are returned to Ultru through an encrypted channel for post-processing and analysis, pre-positioning answers and massaging data for follow-on analysis.
Each survey is stored as an atomic record, but details from that record are aggregated in a data store for analysis and prevalence determination across all inspected hosts. Prevalence score is based on the number of hosts a given process has been identified for an engagement as well as across all hosts seen by Ultru surveys across customers.
Create reports tailored to your customer's needs. Robust graphical or simple forensic artifact reports are available for automated delivery or manual selection to fit into your own after action report.