Most web workers are hip to security software applications. You probably run anti-virus software, and perhaps you use a Virtual Private Network (VPN) application when working from a public hotspot. (If you don’t run these applications, you should.) Recently, though, I’ve been using a more unusual, but definitely useful, security application from computer forensics company Mandiant, called Red Curtain.
Red Curtain is free to download and use, and it’s designed for the analysis of possible malware. It “examines executable files (e.g., .exe, .dll, and so on) to determine how suspicious they are based on a set of criteria” and then assigns each examined file a score.
Red Curtain examines a number of specific aspects of an executable, looking at things such as the entropy (or the randomness), indications of packing, compiler and packing signatures, the presence of digital signatures, and other characteristics to generate a threat “score.” According to Mandiant, “this score can be used to identify whether a set of files is worthy of further investigation.”
I’ve found Red Curtain useful in conjunction with anti-virus and anti-spyware software. After I finish my scans, when anti-virus and anti-spyware applications will occasionally flag files as possibly presenting problems, I quickly run a scan on the flagged files using Red Curtain. As one might expect for an application created by a computer forensics firm, it does a very dependable job of confirming whether suspicious files ought to be deleted right away.
You can download Red Curtain free, here. If you, as I do, constantly add to your arsenal of security applications, this one is worth a try.
Do you have any favorite unsung security applications?