Please call for US Law Enforcement and Education discounts
Perform enterprise wide collection of malicious code hashes on multiple targets simultaneously
Includes a single user license of Gargoyle Investigator™ Forensic Pro
20 datasets containing over 10,000 types of malicious software
Dataset Creator™-create and build your own categories for detection
Utilize created datasets to search for known documents that only you should have access to
Interoperates with popular forensic tools such as EnCase™ and FTK™
Timestamped enterprise discovery reports for each target suspected
Microsoft Windows 2000
230 MB free disk space
1 GB RAM
Pentium III 1 GHz processor
Enterprise license with 10 scan option, additional scans of 25, 50 and 100 are available
Annual Software Maintenance Information..
What is Gargoyle Investigator Enterprise Module (GEM)?
GEM allows customers to execute malware discovery across their enterprise to root out malicious code infiltration and use. GEM is simple to use, investigators can quickly target systems for investigation, simultaneously launch the discovery agent and perform remote malware discovery. Once identified, Gargoyle also maps the detected files to the associated cyber weapons, and classifies them into a category of malware. With the ability to identify potentially hostile or suspicious programs based on the loaded datasets, the classification of those hostile programs, and the ability to view the suspect from a new aspect, while ascertaining incriminating behaviors or methods; this becomes a core tool for your investigation.
Is Gargoyle court approved?
Gargoyle has been taken to court and used for several cases. With the easy to read HTML, timestamped reports, Gargoyle provides detailed evidence that is court ready. Click here to read our customer testimonials.
What is included in the package?
Each scan option of GEM includes a copy of Gargoyle Investigator Forensic Pro, the selected scan option, an enterprise license and one year of free software maintenance.
How many systems can I scan?
Depending on the size of your network, the GEM is available to support simultaneous scans up to 100 computer systems. We offer options of 10, 25, 50, and 100 simultaneous scans.
What can be identified?
Gargoyle provides the investigator with the ability to glean important suspect characteristics from the information revealed. The suspect's sophistication, covert behaviors, and paranoia levels (has the suspect tried to delete incriminating programs?) can all be derived when searching for applications with a common theme. These behaviors can assist in assessing suspect capability, activities, intent, threat or "consciousness of guilt".
What is a dataset?
A Dataset is simply a collection of malware applications and files, organized into a relational database. The database is formatted similarly to the NSRL distributions. One dataset (database file) is created for each malware category.
Separate datasets can be created for various classifications of malware (i.e., encryption software, steganography software, vulnerability assessment tools, network sniffers, port scanners, hacker tools, password cracking tools, Denial of Service tools, etc.). Many of these datasets are currently available within Gargoyle. Additional Datasets updates are released about every month.