Advanced Search
Search Results
174 total results found
Is Cyber Crucible an EDR, XDR, MDR? Or Something Else Like Agentic AI?
Cyber Crucible’s data extortion prevention software is, strictly speaking, a Windows kernel driver and Windows service. The software communicates with our remote servers for ingestion (mostly using REST). Upon ingestion to the Cyber Crucible servers (w...
How do I monitor Agent Health?
Created by Dennis Underwood, last modified by Mark Weideman on Sep 27, 2023 Offline/Online Agent Monitoring Agents Page On the Agents page, the date and time of the last check-in per activity is tracked. Generically speaking, if a software agent is...
_General
Created by Noah Greenberg on Apr 18, 2024 Desktop Version Server Version Support 11108.18 2025 2022201920162012 R22012 R1 Fully supported. 7 2008 R2 Must be patched for SHA-2 code signing support. Vista and below 2008 R1 ...
What are Normal Resource Consumption Rates for RAM and CPU?
Typical CPU usage is 1% or lower (which shows as 0% on most monitoring tools, like Task Manager). Typical RAM usage is less than 10 MB. Most desktop and server usage is around 5MB. We also monitor memory usage of the driver in kernel space, to monitor f...
How can I tell Cyber Crucible is running on the system?
Services Open up Task Manager. Click on the Services tab. Sort by name if necessary, and scroll to CyberCrucibleAgent/ Cyber Crucible Agent Kernel Driver Open a command prompt as Administrator. Run the command observed in the below screensho...
_General
...
Does Cyber Crucible collect encryption keys?
The shortest answer is, “No.” There was a time where Cyber Crucible software was not stopping ransomware encryption pre-encryption. Instead was collecting possible encryption keys or settings, then using a variety of techniques to figure out the proper ...
Can Cyber Crucible silently respond to an attack, but not alert/notify me?
Created by Dennis Underwood, last modified on May 18, 2022 You may find that there are legitimate scenarios where you do not want an application doing something (probably on your machines, but do not need notified every time. This is a separate situ...
How can I investigate the root cause of an event?
Memory Analytics Process Injection Analytics Process Creation Analytics Putting it altogether - an end to end investigation Why did we choose to show this example? There are three building blocks of analysis available to you, while investi...
Can Cyber Crucible stop lateral attacker movement?
Created by Dennis Underwood, last modified on Jul 03, 2022 The product’s behavioral engine and Zero Trust methodologies effectively gather evidence of lateral movement. That can be evidence of lateral movement from process to process on the machine ...
_General
...
Does Cyber Crucible stop all process injection?
No! There are a variety of activities which occur on systems which are process injection, but are not necessarily malicious. Cyber Crucible makes all of these process injection activities visible for threat hunting and root cause analysis, but do not s...
How do I automatically allocate licenses from a distribution group?
Where is the Source Distribution Group Setting? When Does the Source Distribution Group Setting Get Used? Where is the Source Distribution Group Setting? The Source Distribution Group setting can be used to automatically allocate licenses. This...
_General
...
How do I know when an agent is done with Self Configuration After Installation?
On the Agents page on the dashboard, each agent has a few timestamps denoting the last time it received certain types of information. An agent is considered done with self configuration when, in addition to having a valid license assigned, it has re...
_General
...
Does Cyber Crucible pass ransomware simulation tests?
The best answer is…it depends on the quality and accuracy of the ransomware simulations, but we haven’t seen many high quality tests that match true attack tools and behaviors. Cyber Crucible examines underlying behavioral patterns in file access, memor...
_General
...