Introducing Project Freta

Project Freta is a free, cloud-based offering from the New Security Ventures (NSV) team at Microsoft Research that provides automated full-system volatile memory inspection of Linux systems.

Please visit our launch announcement at https://aka.ms/freta/intro for more information about the offering's motivation and long-term goals.

Montage

Key Benefits

  • Detect novel malicious software, kernel rootkits, process hiding, and other intrusion artifacts via agentless operation by operating directly on captured VM snapshots

  • Very easy to use: submit a captured image to generate a report of its content

  • Memory inspection means no software to install, no notice to malware to evacuate or destroy data

  • Designed for automating IR-like discovery tasks directly into a cloud fabric -- though volatile memory snapshots captured from an acquisition tool can also be used for bare iron scenarios where virtualization is not available