Velociraptor is a sophisticated digital forensics and incident response tool designed to improve your insight into endpoint activities. Velociraptor enables you to conduct precise and rapid collection of digital forensic data across multiple endpoints simultaneously. Persistently gather events from endpoints, including event logs, file changes, and process activities. Store these events centrally for an unlimited period, allowing for historical examination and analysis. Be proactive rather than reactive. You can use a collection of forensic artifacts …

The post Velociraptor: Open-source digital forensics and incident response appeared first on Help Net Security.