Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
Security Open Source

CISA Open-Sources Thorium Platform For Malware, Forensic Analysis (bleepingcomputer.com) 7

Posted by BeauHD from the analysts-on-autopilot dept.
CISA has publicly released Thorium, a powerful open-source platform developed with Sandia National Labs that automates malware and forensic analysis at massive scale. According to BleepingComputer, the platform can "schedule over 1,700 jobs per second and ingest over 10 million files per hour per permission group." From the report: Security teams can use Thorium for automating and speeding up various file analysis workflows, including but not limited to:

- Easily import and export tools to facilitate sharing across cyber defense teams,
- Integrate command-line tools as Docker images, including open-source, commercial, and custom software,
- Filter results using tags and full-text search,
- Control access to submissions, tools, and results with strict group-based permissions,
- Scale with Kubernetes and ScyllaDB to meet workload demands.

Defenders can find installation instructions and get their own copy of Thorium from CISA's official GitHub repository.
This discussion has been archived. No new comments can be posted.

CISA Open-Sources Thorium Platform For Malware, Forensic Analysis More

CISA Open-Sources Thorium Platform For Malware, Forensic Analysis

Comments Filter:

  • Thanks CISA (Score:5, Interesting)

    by angryman77 ( 6900384 ) on Thursday July 31, 2025 @05:33PM (#65558780)
    It's nice of you guys to allow everyone else to do the job you're not allowed to do anymore as a result of some political hack deciding he wanted to give Putin the best BJ of his entire life.
  • Thorium is an open source Ereader app.

    Do your due diligence.

    • Re: (Score:2)

      by jmke ( 776334 )
      Thorium is a chemical element; it has symbol Th and atomic number 90


      Thorium is a web browser https://thorium.rocks/ [thorium.rocks]


      Do you due diligence.
      • Yes.
        Are you trying to make a point or emphasis my point ?

        "Do you due diligence."

        Yes, I due diligence, but I did not name the Thorium ereader app, the Thorium browser app, or any other element-name-based applications.

  • How does one ensure a safe supply chain of all of the open source software? I'm not knocking open source here. This seems like a great opportunity to hit the defenders, through bug in the processing chain and/or additions to the supply chain. Many eyes is a nice concept it isn't 100%.

Slashdot Top Deals

Administration: An ingenious abstraction in politics, designed to receive the kicks and cuffs due to the premier or president. -- Ambrose Bierce

Close