Listing Thumbnail

    Geekweek 9 Assemblyline - Experimental

     Info
    Assemblyline is a scalable file triage and malware analysis system integrating the cyber security community's best tools. This is a Ubuntu image with Assemblyline pre-installed.
    Listing Thumbnail

    Geekweek 9 Assemblyline - Experimental

     Info

    Overview

    This is a Ubuntu image with Assemblyline pre-installed.

    Assemblyline is a scalable file triage and malware analysis system integrating the cyber security community's best tools.

    Assemblyline minimizes the number of harmless files that IT practitioners are required to inspect every day, allowing them to collaborate with other users to customize and improve the platform in the process.

    Steps A) Assemblyline works very much like a conveyor belt: files arrive in the system and are triaged in a certain sequence. B) Assemblyline generates information about each file and assigns a unique identifier that travels with the file as it flows through the system. C) Users can add their own analytics, which we refer to as services, to Assemblyline. D) The services selected by the user in Assemblyline then analyze the files, looking for indications of maliciousness and/or extracting features for further analysis. - The system generates alerts about a malicious file at any point during the analysis and assigns the file a score. - The system can also trigger automated defensive systems. - Malicious indicators generated by the system can be distributed to other defense systems.

    Highlights

    • Quick setup with Assemblyline preinstalled
    • Free and available on demand

    Details

    Categories

    Delivery method

    Delivery option
    64-bit (x86) Amazon Machine Image (AMI)

    Latest version

    Operating system
    Ubuntu 22.04

    Typical total price

    This estimate is based on use of the seller's recommended configuration (m4.2xlarge) in the US East (N. Virginia) Region. View pricing details

    $0.40/hour

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Geekweek 9 Assemblyline - Experimental

     Info
    Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    Usage costs (6)

     Info
    Instance type
    Product cost/hour
    EC2 cost/hour
    Total/hour
    t3.large
    $0.00
    $0.083
    $0.083
    t3.xlarge
    $0.00
    $0.166
    $0.166
    t3.2xlarge
    $0.00
    $0.333
    $0.333
    m4.2xlarge
    Recommended
    $0.00
    $0.40
    $0.40
    m4.4xlarge
    $0.00
    -
    -
    m4.10xlarge
    $0.00
    -
    -

    Additional AWS infrastructure costs

    Type
    Cost
    EBS General Purpose SSD (gp2) volumes
    $0.10/per GB/month of provisioned storage

    Vendor refund policy

    This is a free product

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    64-bit (x86) Amazon Machine Image (AMI)

    Amazon Machine Image (AMI)

    An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

    Version release notes

    This is a basic Ubuntu image with an appliance instance of Assemblyline preinstalled.

    The admin username/password is configured as: User: admin Password: geekweekAssemblyL1ne

    See the Usage instructions for steps to change this.

    Additional details

    Usage instructions

    To connect to your running instance, ensure you use the "ubuntu" user. AWS may incorrectly suggest "root". (e.g. ssh ubuntu@<public-ip>)

    You'll need to update your domain settings to match the public IP or DNS where your EC2 instance is running. To do so, follow these steps to create a new self-signed certificate with your public IP/domain in the subject and configure Assemblyline to use your domain:

    1. cd ~/deployments/assemblyline
    2. Use your favourite editor to open ~/deployments/assemblyline/.env
    3. Update 'DOMAIN' with your public IP address or public DNS
    4. Create your https certs (replacing <public-IP-address> with what you used in the last step): openssl req -nodes -x509 -newkey rsa:4096 -keyout ~/deployments/assemblyline/config/nginx.key -out ~/deployments/assemblyline/config/nginx.crt -days 365 -subj "/C=CA/ST=Ontario/L=Ottawa/O=CCCS/CN=<public-IP-address>"
    5. Restart: sudo docker-compose restart

    Now you should be able to access the Assemblyline User Interface at https://<your-public-ip-or-domain>

    To update the admin username/password:

    1. cd ~/deployments/assemblyline
    2. Use your favourite editor to open ~/deployments/assemblyline/.env
    3. Update 'AL_ADMIN_USER' with your desired user and 'AL_ADMIN_PASSWORD' with your desired password
    4. Restart: sudo docker-compose restart

    For more information on configuration options see https://cybercentrecanada.github.io/assemblyline4_docs/ 

    Support

    Vendor support

    For more information on the configuration options for Assemblyline, see the documentation page: https://cybercentrecanada.github.io/assemblyline4_docs/  Join our discord server:

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 AWS reviews
    No customer reviews yet
    Be the first to write a review for this product.