InQuest not only provides the ability to capture and catalog all web and e-mail session data at carrier-class speeds up to 20Gbps; we also support the customer with the ability to capture and analyze data-at-rest via CIFS/SMB.

The perfect complement to retrospective file analysis, Deep File Inspection (DFI) over data-at-rest provides a sentry for your endpoint and critical storage locations. Scan potential threats that were introduced via peripheral media or encrypted protocols.

Typical file content may be crated and compressed in a variety of trivially parseable formats. Common malware carriers, however, will leverage a variety of encapsulation layers to mask their malicious intent, like a Matryoshka doll, also known as Russian nesting dolls. DFI is our solution to unmasking these threats.

Whereas other network-based solutions can barely scratch the surface beyond layer 7, InQuest DFI will typically expose an additional 4x worth of content for threat and data loss prevention.

In addition to the weekly signatures provided by InQuest Labs, the platform provides the ability to create, test, and tune custom signatures to address threats to your organization.

Latest InQuest Blog Posts
Short-Circuiting Boolean Operators in YARA
Rob King / 2018-12-18

Here at InQuest, YARA is among the many tools we use to perform deep-file inspection, with a fairly extensive rule set. InQuest operates at line speed in very high-traffic networks, so these rules need to be fast. This blog post is the second in a series discussing YARA performance notes, tips, and hacks.

Ex Machina: A Frolic through the Forests
Steve Esling / 2018-12-29

Today, we’re going to take a deeper dive into two of our classifiers, Random Forests (RF) and Gradient Boosting (GB), and discuss some of their interesting findings.

InQuest Labs Research Spotlight
A collection of awesome lists, manuals, blogs, hacks, one-liners, cli/web tools for System and Network Admins, DevOps, Pentesters or Security Researchers.
Python examples of popular machine learning algorithms with interactive Jupyter demos and math being explained.
Pastebin scraper written in Python, designed to look for obfuscated pastes and save them. Decoders can then be applied to the pastes to de-obfuscate them for code samples.
Global Security Events
Microsoft issues emergency fix for Internet Explorer zero-day

Microsoft rolled out an emergency security update to patch a zero-day in Internet Explorer that was being exploited in the wild. CVE-2018-8653 resides in IE’s scripting engine, specifically in how the engine handles objects in memory.

How China's elite hackers stole the world's most valuable secrets

A new Justice Department indictment outlines how Chinese hackers (specifically APT10) allegedly compromised data from companies in a dozen countries in a single intrusion.

Sofacy Creates New ‘Go’ Variant of Zebrocy Tool

The Sofacy threat group continues to carry out attacks using their Zebrocy tool. The developers of Zebrocy have once again created a new version of the Trojan using a different programming language, specifically the Go language.
Useful Links
InQuest Insider - Your monthly resource for the latest in cyber security news, trends, tips and tools. Subscribe here.
Copyright © InQuest 2018