rat Comodo Valkyrie Software Version 1.1 Administrator Guide Guide Version Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013

Similar documents
Comodo APT Assessment Tool

Comodo Unknown File Hunter Software Version 2.1

Hi rat. Comodo Valkyrie. Software Version User Guide Guide Version Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013

Comodo IT and Security Manager Software Version 5.4

Importing and exporting your or Personal Authentication certificate using Mozilla Firefox

Importing and Using your or Personal Authentication certificate with Windows Live Mail

Importing and exporting your or Personal Authentication certificate using Google Chrome

Importing and Using your or Personal Authentication certificate with Mozilla SeaMonkey Client (PC)

Importing and exporting your or Personal Authentication certificate using Internet Explorer

Importing and exporting your or Personal Authentication certificate with Opera

Importing and Using your or Personal Authentication certificate with Mac OS X Mail / Apple Mail

Importing and Using your or Personal Authentication Certificate with Outlook 2010 / 2013

Comodo cwatch Web Security Software Version 1.0

Importing and Using your or Personal Authentication certificate with The Bat!

Importing your or Personal Authentication certificate to Android Devices

Comodo Certificate Manager Version 5.4

Comodo IT and Security Manager Software Version 6.6

Comodo IT and Security Manager Software Version 6.4

Comodo IT and Security Manager Software Version 6.9

Comodo Unknown File Hunter Software Version 5.0

Comodo Certificate Manager Version 5.5

Comodo One Software Version 3.3

Comodo ONE Software Version 3.2

Comodo One Software Version 3.3

Comodo Certificate Manager

Comodo One Software Version 3.5

1 Comodo One Home Edition - FAQ

Comodo Certificate Manager Software Version 5.6

Comodo Web Application Firewall for Plesk Software Version 2.11

Comodo cwatch Web Security Software Version 1.1

Comodo Certificate Manager

Comodo Certificate Manager Version 5.7

Comodo One Software Version 3.16

Comodo Certificate Manager Version 5.7

Comodo Certificate Manager

Comodo SecureBox Management Console Software Version 1.8

Comodo ONE Software Version 1.8

Comodo Device Manager Software Version 4.0

Comodo Endpoint Security Manager Professional Edition Software Version 3.5

Comodo Certificate Manager

Comodo Certificate Manager Software Version 5.7

Comodo Certificate Manager

Comodo Device Manager Software Version 4.0

Comodo ONE Software Version 3.3

Comodo Certificate Manager Software Version 5.0

Comodo Offline Updater Utility Software Version

Comodo Certificate Manager

Comodo One Home Edition - FAQ

Comodo IT and Security Manager Software Version 6.9

Domain Control Validation in Comodo Certificate Manager

Comodo Certificate Manager Version 5.5

Domain Control Validation in Comodo Certificate Manager

Comodo Certificate Manager Version 5.6

Comodo Accounts Management Software Version 15.0

Comodo Certificate Manager

rat Comodo EDR Software Version 1.7 Administrator Guide Guide Version Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013

Comodo Certificate Manager Software Version 5.0

Comodo SiteInspector Software Version 3.3

Comodo Certificate Manager

Comodo SecureBox Management Console Software Version 1.9

Domain Control Validation in Comodo Certificate Manager

Comodo Endpoint Security Manager Professional Edition Software Version 3.3

Comodo Certificate Manager Version 5.7

Comodo One Mobile Software Version 1.16

Comodo Cloud Drive Software Version 1.0

Comodo Certificate Manager

Comodo Certificate Manager

Comodo Certificate Manager

Comodo Certificate Manager

Comodo cwatch Web Security Software Version 1.6

Comodo Certificate Manager

Office 365 Integration Guide Software Version 6.7

Comodo Certificate Manager

Comodo. Cloud Antivirus. User Guide. Software Version Guide Version

Comodo One Software Version 3.26

rat ITarian Software Version 3.26 Network Assessment Tool Quick Start Guide Guide Version Broad Street Clifton, NJ 07013

CCloud for ios Devices

Comodo Comodo Dome Antispam MSP Software Version 2.12

Comodo Auto Discovery and Deployment Tool Software Version 1.0

Comodo Antispam Gateway Software Version 2.12

Comodo Dome Shield - Admin Guide

Comodo One Software Version 3.19

Comodo Internet Security Software Version 11.0

Overview and Tutorial

Comodo Antispam Gateway Software Version 2.1

Comodo TrustConnect Software Version 1.72

Comodo SecureBox Management Console Software Version 1.9

Comodo Antispam Gateway Software Version 2.11

Comodo One Software Version 3.18

Comodo One Software Version 3.16

Comodo Internet Security Essentials Software Version 1.3

Comodo One Software Version 3.26

Comodo Internet Security Software Version 10.1

Comodo Certificate Manager Version 5.7

Comodo Server Security Server

Comodo Certificate Manager

Comodo. Cloud Antivirus. User Guide. Software Version Guide Version

Comodo One Home Edition - FAQ

Online Security Software Version 1.2

Comodo Endpoint Manager Software Version 6.25

Transcription:

rat Comodo Valkyrie Software Version 1.1 Administrator Guide Guide Version 1.1.122415 Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013

Table of Contents 1 Introduction to Comodo Valkyrie... 3 2 Creating a Valkyrie Account... 4 2.1 Logging into Valkyrie... 6 3 Uploading Files for Analysis... 7 4 Valkyrie Analysis Results... 10 4.1 Valkyrie Dashboard... 11 4.2 Usage Statistics... 17 4.3 Activity Logs... 19 4.4 Valkyrie Lucky You Statistics... 20 4.5 Valkyrie Unknown File Statistics... 22 4.6 Valkyrie Unknown File Weekly Statistics... 25 4.7 Configuring Valkyrie Account Settings... 27 5 APT Risk Assessment Tool... 29 About Comodo... 33 2015 Comodo Security Solutions Inc. All rights reserved. 2

1 Introduction to Comodo Valkyrie Valkyrie is a cloud based file analysis system that is completely different from the conventional signature based malware detection technique. The technology includes static as well dynamic analysis of the uploaded files. If required, the files can also be submitted for manual check to undergo a comprehensive manual analysis. Features No installation required, just upload the files for analysis Automated and manual analysis of submitted files Comprehensive reports provide granular details about the trust level of files This guide is intended to take you through the use of Comodo Valkyrie and is broken down into the following main sections. Introduction Creating a Valkyrie Account Logging into Valkyrie Uploading Files for Analysis Valkyrie Analysis Results Valkyrie Dashboard Usage Statistics Activity Logs Valkyrie Lucky You Statistics Valkyrie Unknown File Statistics Valkyrie Unknown File Weekly Statistics 2015 Comodo Security Solutions Inc. All rights reserved. 3

2 Configuring Valkyrie Account Settings APT Risk Assessment Tool Creating a Valkyrie Account Creating a Valkyrie account is very simple and can be done within a few minutes. Enter https://valkyrie.comodo.com into the address bar of any browser and click the 'Sign In' button at the top right of the screen. The 'Welcome to Valkyrie' screen will be displayed. Click 'Create an account' link The 'Sign Up' form will be displayed. 2015 Comodo Security Solutions Inc. All rights reserved. 4

User Name Enter the name that will be displayed in the screen after logging in. Email Enter a valid email that will be used for logging into your account. Password Enter the password for logging into your account and confirm it in the next field. Click 'Terms and Conditions', read the 'Comodo Terms and Conditions' fully, select the check box beside 'I agree with the Terms and Conditions' and click the 'Sign Up' button. That's it. Your Valkyrie account will be created and the 'Dashboard' screen will be displayed. If you have forgotten your password, it can be reset. From the 'Welcome to Valkyrie' screen, click the link 'Click here' beside 'Forgot your password? The 'Recover your password' screen will be displayed: 2015 Comodo Security Solutions Inc. All rights reserved. 5

Enter the email address to which the password should be sent in the 'Email' field and click the 'Send' button. You will receive the reset password to the specified mail above. Now you can login to the account using the new password. Please note that you can also reset the current password from the 'Settings' screen. Refer to the section 'Configuring Valkyrie Account Settings' for more details. 2.1 Logging into Valkyrie You can login to your Valkyrie account using any browser from any part of the world. Enter 'https://valkyrie.comodo.com' in the address bar and click the 'Enter'. The home page will be displayed. 2015 Comodo Security Solutions Inc. All rights reserved. 6

Click the 'Sign In' button at the top right. The 'Login to your account' page will be displayed. Enter the credentials in the respective fields and click the 'Sign In' button. If you select the 'Remember Me' option, you will be logged into your account automatically each time until you log out or clear the browser's history or cache. The 'Dashboard' page will be displayed by default after successful sign in. Refer to 'Valkyrie Dashboard' section for more details. The next section 'Uploading Files for Analysis' explains how to upload files for analysis with Valkyrie. 3 Uploading Files for Analysis Files that are uploaded to Valkyrie cloud based analysis system are analyzed dynamically and statically. The dynamic process includes the runtime behavior and static process includes analyzing the file's binary properties extracted from it such as its sections, entropy, packer type and many more. Any deviation from the expected values in these features provides the clue about the nature of the file. The upload floater button is available in the 'Dashboard' and 'Information' screens. If this button is not visible, click the 2015 Comodo Security Solutions Inc. All rights reserved. 7

button. This a toggle button to display the upload button. To upload a file, click the upload button The 'Analyze File' form will be displayed: SHA1 Here If you know the hash value of the file, you can enter the value in this field and click the 'Search' button. Valkyrie will search its database to find if the file has already been uploaded by any of the subscribers and if available will fetch results immediately. File URL Enter the URL of the file and click the 'Analyze File by URL' button. Valkyrie will start the analysis process and within a few minutes provide the file verdict. File to Analyze This option allows you to submit files from your system. Click 'Select File' button, navigate to the location of the file that you want to submit for analysis and click the 'Analyze' button. If the file is already analyzed, the following message will be displayed: 2015 Comodo Security Solutions Inc. All rights reserved. 8

Click 'View Last Result' to view the last result or 'ReAnalysis File' to analyze the file again. The process will be displayed......and on completion, the results will be displayed. Refer to the section 'Valkyrie Analysis Results' for more details. 2015 Comodo Security Solutions Inc. All rights reserved. 9

4 Valkyrie Analysis Results After logging into your account, the dashboard will be displayed by default, which provides the details of analysis of submitted files by you. You can navigate to different pages of the website by clicking your account name on the top right side of the page. 2015 Comodo Security Solutions Inc. All rights reserved. 10

My Dashboard Provides the details of each file that was submitted to Valkyrie for analysis such as its SHA1 signature, submitted date and more. Refer to the section 'Valkyrie Dashboard' for more details. My Stats Provides the summary of files analyzed by Valkyrie for your account. Refer to the section 'Usage Statistics' for more details. Activity Logs Provides the Valkyrie account usage details such as date and time of login, the source IP of the computer used to login and more. Refer to the section 'Activity Logs' for more details. Lucky You Provides the details of submitted files by you are determined as zero day malware files. Refer to the section 'Valkyrie Lucky You Statistics' for more details. Unknown File Statistics Provides the details of Valkyrie verdict changes from 'Unknown' files to either 'Clean' or 'Malware'. Refer to the section 'Valkyrie Unknown File Statistics' for more details. Weekly Unknown Statistics A graphical weekly summary of unknown files, unknown files that are whitelisted, unknown file that are determined as malware and total number of unknown files that are remaining to complete analysis. Refer to the section 'Valkyrie Unknown File Weekly Statistics' for more details. Settings Allows you to change your account details such as your name, current password and antivirus vendors. Refer to the section 'Configuring Valkyrie Account Settings' for more details. Log Out Allows you to log out of your account. 4.1 Valkyrie Dashboard The 'Dashboard' page of Valkyrie displays the details of analysis for the files submitted. From this page, you can view the results, download auto analysis report, view details of static analysis, view details of dynamic analysis and more. The dashboard will be displayed by default after logging in. You can also open this page by clicking your account name at the top right and then 'My Dashboard' 2015 Comodo Security Solutions Inc. All rights reserved. 11

The details of each analyzed file will be displayed in the table. The number of items to be displayed on each page can be selected from the 'Show entries' option on the left. The summary of analysis requests and results are displayed at the top of the table. Sort and search options Sorting the entries You can sort the items in ascending/descending order by clicking on the column headers. Searching for particular item(s) Enter the details partially or fully in the search field on the top right side. You can search for items based on all columns except the 'Actions' column. To display all the entries again, clear the search field. 2015 Comodo Security Solutions Inc. All rights reserved. 12

Valkyrie Detailed Analysis Results Table of Column Descriptions Column Header Description File Name The name of the submitted file Path The IP of the endpoint and the file's path details SHA1 The SHA1 hash value of the file Submit date The date and time the file was submitted for analysis Final Verdict The Valkyrie dynamic and statical analysis results for the file. The results available are: Manual Verdict Status Actions Clean The file is 99.9% safe to run No Threat Found No malware found in the file, but cannot say it is safe to run Malware The file is a malware and should not be run The results of the file after manual analysis: Clean File is safe to run Malware The file is a malware file Potentially Unwanted Application (PUA) Applications such as Adware, Spyware and so on No Threat Found No malware found in the file, but cannot say it is safe to run Not Ready Indicates manual analysis of the file is in progress Indicates the status of files submitted for manual analysis. The statuses are: In Queue The analysis has not started In Progress The analysis has started and in progress Analysis Completed The analysis is completed and verdict displayed under the 'Manual Verdict' column Objected Indicates the user wants a reanalysis of the file. If the user thinks that the initial manual verdict for the file is wrong, he/she can submit it again for another manual analysis. Objection Completed Indicates the manual reanalysis is completed. The available actions are: View Info You can view the complete details of the results for the file such as summary, static analysis, dynamic analysis and file details. Refer to 'File Analysis Results' for more details. Download Automatic Analysis Report Allows you to download the report in PDF format. Refer to 'Download Automatic Analysis Report' for more details. View Virus Total Result Takes you to the Virus Total website that displays its results for the file. Refer to 'View Virus Total Results for the File' for more details. Send to Manual Analysis Allows you to submit the file for manual analysis by Comodo technicians. Refer to 'Send the File for Manual Analysis' for more details. 2015 Comodo Security Solutions Inc. All rights reserved. 13

File Analysis Results Click the 'View Info' icon under the 'Actions' column for a file to view its detailed results A new web page will open displaying the detailed results for the file. Click the 'Summary' tab Summary The top portion provides the file details such as its name, file type, and more. At the top right, the 'Valkyrie Final Verdict' is displayed. The details under 'Analysis Summary' displays the summary of the file analysis such as signature based detected, static analysis overall verdict and dynamic overall verdict for the file. To view the detailed results of static analysis of the file, click the 'Static Analysis' tab Static Analysis Static process includes analyzing the file's binary properties extracted from it such as its sections, entropy, packer type and many more. Any deviation from the expected values in these features provides the clue about the nature of the file. 2015 Comodo Security Solutions Inc. All rights reserved. 14

Scroll down the page to view static analysis overall verdict for the file as well as detailed result for each of the parameter checked for the file. To view the detailed results of dynamic analysis of the file, click the 'Dynamic Analysis' tab Dynamic Analysis The dynamic process includes the runtime behavior of the file in an test environment. The page provides the dynamic analysis overall verdict and behavioral information for the file. Scroll down the page to view the detailed behavioral information for the file. To view the more details about the file, click the 'File Details' tab File Details Provides additional file information such as the file path on the client machine, PE headers, PE sections and more. Scroll down the page to view the details of the file. Download Automatic Analysis Report Click the 'Download Automatic Analysis Report' icon in PDF format under the 'Actions' column for a file to download the report 2015 Comodo Security Solutions Inc. All rights reserved. 15

A new web page will open displaying the detailed results for the file. The report contains the compiled results of the automatic analysis explained in the File Analysis Results section. Scroll down the page to view the full report and save it. View Virus Total Results for the File Virus Total, a subsidiary of Google, is a information aggregation website and one of its function is to aggregate output data of different antivirus engines, website scanners and so on. Valkyrie allows to get the details of the file from this website. Click the 'View Virus Total Results' icon results for a file under the 'Actions' column for a file to view the Virus Total analysis The 'Virus Total' web page for the selected file will be displayed displaying its results. Scroll down the page to view the results for the file from different antivirus engines. 2015 Comodo Security Solutions Inc. All rights reserved. 16

Send the File for Manual Analysis You can also send a file for manual analysis by Comodo malware specialists for more comprehensive inspection in addition to the automated process. This is a premium service and users should subscribe for the same. Click the 'Send to Manual Analysis' icon Comodo engineers under the 'Actions' column to submit a file for manual analysis by After the file is submitted for manual analysis, it will show as 'In Queue' under the 'Status' column and 'Not Ready' under 'Manual Verdict'. The 'Send to Manual Analysis' icon also will not be available indicating the file is already submitted. After the manual analysis is over, the result will be displayed under 'Manual Verdict' column and the 'Status' column will be updated as 'Analysis Completed'. 4.2 Usage Statistics The 'My Valkyrie Usage Statistics' page of Valkyrie displays how many files are submitted for your account and displays the details for: Today Details of files submitted today This Week Details of files submitted for this week This Month Details of files submitted for month All Time Total number of files submitted since account creation To view your Valkyrie account usage statistics, click the 'My Stats' link 2015 Comodo Security Solutions Inc. All rights reserved. 17

The usage statistics page will be displayed. My Valkyrie Usage Statistics Table of Column Descriptions Column Header Description Date Indicates the period of usage Total Files Number of files submitted for the period Clean Number of files found to be clean Malware Number of files found to be malware files submitted Undetected Indicates the number of files in which no threat was found Automatic Analysis Number of files submitted for automatic analysis 2015 Comodo Security Solutions Inc. All rights reserved. 18

Manual Analysis Number of files submitted for manual analysis Basic Info Reg. Indicates the number of times the user has used Valkyrie REST API named fvs_basic_info, requesting basic analysis results from Valkyrie database such as if the file is uploaded before, verdict of last analysis, last analysis date, first analysis date, is the file whitelisted and so on. Full Info Req. This is same as Basic Info Req. but requested for greater detail. Indicates the number of times the user has used REST API named fvs_full_info, which is used to retrieve last analysis results from Valkyrie database in greater detail such as static, dynamic and manual results including behavioral and file information. UI Get Info Req. Indicates the number of times the user opened the detailed analysis results page from the Dashboard screen by pressing the button or doing a search by SHA1 of a file. Values inside parenthesis represents unique number of files in that category. For example: Under "Basic Info Req." if there is a number like 15(5) this means that you used basic info request 15 times for 5 different SHA1. 4.3 Activity Logs The 'Activity Logs' page provides the records of activities carried out for the Valkyrie account such as the activity date, user name, activity type and more. To view your Valkyrie Activity Logs, click the 'Activity Logs' link The activity logs page will be displayed. The number of logs to be displayed on each page can be selected from the 'Show entries' option on the left. 2015 Comodo Security Solutions Inc. All rights reserved. 19

Sort and search options Sorting the entries You can sort the items in ascending/descending order by clicking on the column headers. Searching for particular item(s) Enter the details partially or fully in the search field on the top right side. You can search for logs based on all the columns. To display all the logs again, clear the search field. Activity Logs Table of Column Descriptions Column Header Description Activity Date The date and time of using the Valkyrie account for a particular activity type User Name The logged user name for the account Client ID The identification number that was allotted by Valkyrie for the account Activity Type The name of the activity that was recorded. Source IP The IP of the computer from which the Valkyrie account was logged in and used API Key The private key of the user to use REST API SHA1 If a file is the subject of activity then its SHA1 hash details will be displayed here. 4.4 Valkyrie Lucky You Statistics The 'Valkyrie Lucky You Statistics' page provides the details of files submitted by you and detected as zero day malware by Valkyrie before it could be detected by AV industry or your AV vendor, meaning Valkyrie analysis was the first to detect the files as malware before anybody else. To view your 'Valkyrie Lucky You Statistics' details, click the 'Lucky You' link 2015 Comodo Security Solutions Inc. All rights reserved. 20

The 'Valkyrie Lucy You Statistics' page will be displayed: By default, the filter will be for today's date. You can change the report dates using the date fields beside the 'Filter' button. Click on the date field, select the date from the calendar or enter and click the 'Filter' button. 2015 Comodo Security Solutions Inc. All rights reserved. 21

The first table provides the details for the selected period. The second table provides the details from the date of account creation up to a day before the selected 'From' date. Valkyrie Lucky You Statistics Table of Column Descriptions Column Header Description # of Files Uploaded Total number of files uploaded Total Malware Total number of files detected as malware by Valkyrie 0day Malware undetected by AV Industry Number of files that were not detected as 0day malware file by the AV industry 0day Malware undetected by your previous vendor Number of files that were not detected as 0day malware file by your AV vendors. You can select your AV vendors from the settings screen. Refer to the section 'Configuring Valkyrie Account Settings' for more details. 4.5 Valkyrie Unknown File Statistics Files that are found to be neither 'Clean' nor 'Malware' after analysis are determined as 'No Threat Found' but still retain the status of 'Unknown' in the Valkyrie database. These unknown files are further analyzed to determine whether they are safe or malicious. The 'Valkyrie Unknown File Statistics' page provides the details of verdict changes and the average period taken to declare unknown files as either clean or malicious conclusively. To view your 'Valkyrie Unknown File Statistics' details, click the 'Unknown File Statistics' link 2015 Comodo Security Solutions Inc. All rights reserved. 22

The 'Valkyrie Unknown File Statistics' page will be displayed: By default, the filter will be for today's date. You can change the report dates using the date fields beside the 'Filter' button. Click on the date field, select the date from the calendar or enter and click the 'Filter' button. 2015 Comodo Security Solutions Inc. All rights reserved. 23

The first table provides the details for the selected period. The second table provides the details from the date of account creation up to a day before the selected 'From' date. Valkyrie Unknown File Statistics Table of Column Descriptions Column Header Description File Type The type of file submitted for analysis and remains as unknown # of Unknowns Number of unknown files for the selected period Unknown Whitelisted Number of unknown files that are whitelisted after further analysis Avg. time to Whitelist The average time taken to analyze and give whitelist status for the unknown files Unknown Malware Number of unknown files that are determined as malware after further analysis Avg. time to Malware The average time taken to analyze and determine as malware for the unknown files # of files remaining Unknown Number of unknown files remaining to be analyzed further for the selected period Known Whitelisted The total number files submitted during the selected period and found to be whitelisted in the Valkyrie database Known Malware The total number of files submitted during the selected period and determined as malware by Valkyrie The table at the end of the page provides the details of files that are unknown and under analysis as of now. 2015 Comodo Security Solutions Inc. All rights reserved. 24

4.6 Valkyrie Unknown File Weekly Statistics The 'Valkyrie Unknown File Weekly Statistics' page provides a graphical weekly summary of unknown files, unknown files that are whitelisted, unknown file that are determined as malware and total number of unknown files that are remaining to complete analysis. Refer to the previous section ''Valkyrie Unknown File Statistics' for more details. To view your 'Valkyrie Unknown File Weekly Statistics' details, click the 'Weekly Unknown File Stats' link The 'Valkyrie Unknown File Weekly Statistics' page will be displayed: 2015 Comodo Security Solutions Inc. All rights reserved. 25

The Xaxis represents the data for the last 7 days and the Yaxis represents the number of files. Unknown Files that are determined as unknown at first analysis Unknown > Whitelist Unknown files that are whitelisted after further analysis Unknown > Malware Unknown files that are determined as malwware after further analysis Total Remaining Unknown Cumulative value of the unknown files for the last 7 days Placing the mouse cursor over a particular legend highlights the respective graphical representation. For example, if you place the mouse cursor over 'Unknown' the line blue line representing it will be shown and other lines dimmed. Placing the mouse cursor over a point in the graph will display a call out table that provide the details for the respective day. 2015 Comodo Security Solutions Inc. All rights reserved. 26

4.7 Configuring Valkyrie Account Settings The 'Settings' interface allows you to update your personnel information such as name, change your current password and select your antivirus vendors that you are currently using for scanning files in your systems. To configure your account settings, click the 'Settings' link The 'Settings' screen will be displayed: 2015 Comodo Security Solutions Inc. All rights reserved. 27

User Information First Name The user name that you provided during account creation. Update if required. The name will displayed at the top right corner after signing into your account. Last Name The last name that you provide during account creation. Update if required. Email The email address that was provide during account creation. This field cannot be edited. Current Password Enter your password to reset it or if you update your antivirus vendors list below. New Password and RePassword Enter the new password and confirm in the next field. Click the 'Update' button. My Antivirus Vendors This section displays a list of antivirus vendors that provide virus scanning services. Select the vendor(s) that you are currently using or deselect a vendor. Enter your current password in the 'User Information' section above. Click the 'Update' button. The information will be updated. 2015 Comodo Security Solutions Inc. All rights reserved. 28

5 APT Risk Assessment Tool The Comodo APT (Advanced Persistent Threats) tool is a lightweight scanner capable of identifying APT's and other zeroday threats. After scanning your systems, it will classify all audited files as 'Safe', 'Malicious' or 'Unknown'. While 'Safe' files are OK and 'Malicious' files should be deleted immediately, it is in the category of 'Unknown' that most zeroday threats are to be found. The APT scanner allows you to upload these files to our Valkyrie servers where they will undergo a battery of runtime tests designed to reveal whether or not they are malicious. You can view the results of these tests in the APT interface. You can download the Comodo APT tool from the Valkyrie Dashboard page after logging into your account. Click the 'Download Valkyrie Hunter' button and save the file to your system. To run the APT tool, navigate to the location where the file is saved and double click on it Click 'Run' in the 'Open File Security Warning' dialog The Main Interface will be displayed: 2015 Comodo Security Solutions Inc. All rights reserved. 29

Please refer to our online Comodo APT Tool guide at https://help.comodo.com/topic36117328978introductiontocomodoaptriskassessmenttool.html to know more about how to use the tool. Refer the quick start section below that explains how to set up and run a scan: How to use the Comodo APT tool Step 1 Download, install and run the tool Login to your Valkyrie account and from the Dashboard page download the APT tool by clicking the 'Download Valkyrie Hunter' button. Step 2 Specify targets and run a scan The utility provides three methods of specifying target endpoints: Active Directory Import target computers via active directory. Workgroup Add computers that belong to a particular work group. Network Address Specify individual host names, IP addresses or IP ranges for scanning. If you need more help to specify targets, refer to our online guide at https://help.comodo.com/topic36117328981scanningcomputers.html. Click 'Start Scanning' to begin the scan. Step 3 Submit unknown files to Valkyrie (optional) and view results Upon scan completion, you will see a results summary as follows: 2015 Comodo Security Solutions Inc. All rights reserved. 30

Click 'OK' to submit all unknown files to Valkyrie for further examination. Valkyrie is an automated, cloudbased behavior analysis system which subjects unknown files to a battery of static and dynamic tests to try and discover malicious or anomalous behavior. Back in the APT interface, all 'Unknown' files from the ('local') APT scan will be shown in the 'Unknown Files' tab. If you submitted the unknown files to Valkyrie earlier, then it's findings will be displayed in the 'Valkyrie Analysis Results' tab: The bottom of the Valkyrie analysis results page displays a summary of files that are (still) unknown and those that Valkyrie found to be malicious. You can view a more detailed version of these results by creating an account at the Valkyrie website. To do so, click 'Please click here to see the detailed results' and select 'Create an Account' at https://valkyrie.comodo.com/login For more details on using Valkyrie, refer to https://help.comodo.com/topic36117328988valkyrieanalysisresults.html You also can view detailed scan results in the 'Reports' section: 2015 Comodo Security Solutions Inc. All rights reserved. 31

Executive / Executive Valkyrie Report Top level summary of scan results Per Device / Per Device Valkyrie Report Scan results per device scanned. Per Program / Per Program Valkyrie Report Scan results which provide details of each unknown / malicious program, and the devices upon which it was found. For more details about reports, see https://help.comodo.com/topic36117328989reports.html 2015 Comodo Security Solutions Inc. All rights reserved. 32

About Comodo The Comodo organization is a global innovator and developer of cyber security solutions, founded on the belief that every single digital transaction deserves and requires a unique layer of trust and security. Building on its deep history in SSL certificates, antivirus and endpoint security leadership, and true containment technology, individuals and enterprises rely on Comodo s proven solutions to authenticate, validate and secure their most critical information. With data protection covering endpoint, network and mobile security, plus identity and access management, Comodo s proprietary technologies help solve the malware and cyberattack challenges of today. Securing online transactions for thousands of businesses, and with more than 85 million desktop security software installations, Comodo is Creating Trust Online. With United States headquarters in Clifton, New Jersey, the Comodo organization has offices in China, India, the Philippines, Romania, Turkey, Ukraine and the United Kingdom. Comodo Security Solutions, Inc. Comodo CA Limited 1255 Broad Street 3rd Floor, 26 Office Village, Exchange Quay, Trafford Road, Salford, Greater Manchester M5 3EQ, Clifton, NJ, 07013 United States Email: EnterpriseSolutions@Comodo.com United Kingdom. Tel : +44 (0) 161 874 7070 Fax : +44 (0) 161 877 1767 For additional information on Comodo visit http://www.comodo.com. 2015 Comodo Security Solutions Inc. All rights reserved. 33

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback