Second Look® | Linux Memory Forensics for Incident Response, Information Assurance, and More

Second Look®: The Linux Memory Forensics Solution

Second Look® provides powerful, easy-to-use memory acquisition and analysis capabilities for Linux systems. These capabilities can be used to respond to and investigate computer security incidents as well as to proactively assure the security of Linux systems and detect intrusions. Our customers include the IT security teams of major corporations, firms which have investigated numerous high-profile security breaches, and government agencies responsible for protecting highly-sensitive data. Learn more about the Incident Response and Enterprise Security editions of Second Look®...

Linux Memory Acquisition

Second Look® preserves the volatile state of a target system, capturing evidence and information that does not exist on disk and may otherwise be lost for good as an investigation proceeds. Learn more about Linux memory acquisition...

Kernel Integrity Verification

Second Look® analyzes the Linux kernel in live system memory or a captured memory image, detecting and helping to reverse engineer kernel malware, including stealthy rootkits and backdoors. Learn more about Second Look's memory analysis capabilities...

Process Integrity Verification

Second Look® verifies that only known, authorized, and unmodified programs are running, and that they don't harbor malicious injected code. Learn more about Second Look's memory analysis capabilities...