The new project has been named Freta by Microsoft.
In digital forensics, there are a variety of techniques that can be used to evaluate the data security analysts come across. One of these happens to be memory forensics in which a snapshot of the current state of a system is obtained to find any malware that may be lurking inside.
In line with this, Microsoft has just announced a new project called Freta which is focused on detecting both rootkits and other types of advanced malware through memory forensics.
Completely cloud-based; the tool was built by the NExT Security Ventures (NSV) team at Microsoft Research for Linux systems specifically.
The tool can be accessed via an online portal at freta.azurewebsites.net as shown below. However, you must have a Microsoft account such as @Msn.com, @Outlook.com, @Live.om, or @Hotmail.com to access to the tool.
The benefit of this is that many users can scan the memory of thousands of virtual machines very easily now without any complex setup, that too in a reasonably short timeframe. All they need to do is submit the image of the system and the program will do its job generating a report.
Explaining further, the researchers at Microsoft explain,
The Project Freta analysis engine consumes snapshots of whole-system Linux volatile memory and extracts an enumeration of system objects. Some kernel hooking identification is performed automatically; this can be used by analysts to detect novel rootkits.
Further, 4000 kernel versions are supported making its capabilities extensive. Commenting on their vision behind the tool, Microsoft states in an official blog post:
This prototype previews an exciting future option for cloud consumers: transitioning from boutique forensic consulting services to automated malware discovery built into the bedrock of a commercial cloud.
To conclude, Microsoft holds future development plans as well in relation to this tool. Those include supporting Windows, integrating artificial intelligence for detecting potential threats, and improved analysis functionality.
This remains another important milestone for the firm in demonstrating its values above and beyond just making commercially profitable software. Perhaps, Apple and co could learn a thing or two?
Microsoft on a free tool development spree
Lately, the tech giant has been launching trend-setting tools. For instance:
1- Last week, Microsoft launched “Windows File Recovery,” a tool that recovers your lost data from Windows devices for free.
2- A couple of weeks ago, the company launched “Safe Documents,” a tool in Office 365 that would automatically detect malware for free.
3- In March 2020, Microsoft launched a tool to address Coronavirus aka COVID-19 outbreak.
4- In January 2020, Microsoft launched “Project Artemis,” a tool aimed at identifying and reporting online pedophiles to relevant authorities.