Redline

Redline, FireEye’s premier free endpoint security tool, provides host investigative capabilities to users to find signs of malicious activity through memory and file analysis and the development of a threat assessment profile.

Additional information

Architecture

x64, x86

Software vendor

FireEye

Vendor website

https://www.fireeye.com


With Redline, you can:

  • Thoroughly audit and collect all running processes and drivers from memory, file-system metadata, registry data, event logs, network information, services, tasks and web history.
  • Analyze and view imported audit data, including the ability to filter results around a given timeframe using Redline’s Timeline functionality with the TimeWrinkle™ and TimeCrunch™ features.
  • Streamline memory analysis with a proven workflow for analyzing malware based on relative priority.
  • Perform Indicators of Compromise (IOC) analysis. Supplied with a set of IOCs, the Redline Portable Agent is automatically configured to gather the data required to perform the IOC analysis and an IOC hit result review.

Source => https://www.fireeye.com/services/freeware/redline.html

Note: We can help make the ‘Redline’ installer ready for enterprise deployment.

osd365 | Global application packaging services

Application packaging plays a vital role in efficiently managing software deployments within organizations.

Application packaging minimizes cost and improves system efficiency during and after deployment of the software to the system.

osd365 application packaging services provide the following advantages.

  • Custom osd365 uninstall codes : This helps organizations identify and uninstall software installed outside of the purview of the organization’s software management systems.
  • Desktop shortcuts : If not directed otherwise, desktop shortcuts will not be installed.
  • Silent : If not directed otherwise, all our installation processes are silent.

Note : Some software vendors do not make their software available to the public domain. In such cases, you have to download and provide the software and the appropriate licenses.

DCOM hardening issue

This application fails to authenticate with WMI on the SCCM server because Microsoft has not yet hardened DCOM on their Windows Preinstallation Environment. We are working on a different approach, but it will only be released during the first quarter of 2024. Until that time, the only workaround will be to uninstall the update corresponding to KB5004442.