Dig Deeper into Your Organization’s Endpoints

Velociraptor

Velociraptor is a unique, advanced open-source endpoint monitoring, digital forensic and cyber response platform. It provides you with the ability to more effectively respond to a wide range of digital forensic and cyber incident response investigations and data breaches.

Collect

At the press of a (few) buttons, perform targeted collection of digital forensic evidence simultaneously across your endpoints, with speed and precision.

Hunt

Don't wait until an event occurs. Actively search for suspicious activities using our library of forensic artifacts, then customize to your specific threat-hunting needs.

Monitor

Continuously collect endpoint events such as event logs, file modifications and process execution. Centrally store events indefinitely for historical review and analysis.

Can you imagine easily investigating alerts or triaging hosts – even thousands at once – using a single cross-platform, lightweight, open-source tool? Can you imagine then actively responding to an infection by quarantining hosts, removing persistence mechanisms, and performing remediation leveraging your favorite commands or tools within that same platform? It's time to re-imagine the level of effort, expertise, and funding necessary to keep the enterprise safe. It's time for Velociraptor.

Wes Lambert
Principal Engineer, Security Onion Solutions, LLC

Key forensic features

Continuous endpoint-event collection

Library of forensic artifacts

Customizable threat-hunting

Central storage of events – indefinitely

Velociraptor-powered Insight agents

Investigations in weeks – not months

Novel analysis with multiple forensic capabilities

Partnership with Rapid7 MDR delivers:

String together different digital forensic capabilities for a customized investigation and situational approach to threat hunting. Rapidly go from an advisory or new hunting idea to actionable data and DFIR analysis in minutes. Leverage the power of Velociraptor Query Language (VQL) to create custom artifacts, which allow you to collect, query, and monitor almost any aspect of an endpoint, groups of endpoints, or an entire network – then use it to launch your incident response.
