CISA Releases Thorium: A New Open-Source Platform for Malware and Forensics

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has publicly launched Thorium, an open-source platform designed to support malware analysis and digital forensics across various sectors.

Built in collaboration with Sandia National Laboratories, Thorium enables automation of complex cybersecurity tasks and can process over 10 million files per hour per permission group. According to CISA, the platform integrates commercial, open-source, and custom tools to streamline digital investigations, such as software analysis and incident response.

Security teams can easily import and share tools, manage access with permission controls, and scale the system using Kubernetes and ScyllaDB. Analysts can search and filter results efficiently while incorporating Dockerized command-line utilities.

Thorium is now available on CISA’s GitHub, where teams can access installation guidance. This follows other recent CISA efforts, including the release of the Eviction Strategies Tool and the public launch of its Malware Next-Gen system.
