Overview

This is a Ubuntu image with Assemblyline pre-installed.

Assemblyline is a scalable file triage and malware analysis system integrating the cyber security community's best tools.

Assemblyline minimizes the number of harmless files that IT practitioners are required to inspect every day, allowing them to collaborate with other users to customize and improve the platform in the process.

Steps A) Assemblyline works very much like a conveyor belt: files arrive in the system and are triaged in a certain sequence. B) Assemblyline generates information about each file and assigns a unique identifier that travels with the file as it flows through the system. C) Users can add their own analytics, which we refer to as services, to Assemblyline. D) The services selected by the user in Assemblyline then analyze the files, looking for indications of maliciousness and/or extracting features for further analysis. - The system generates alerts about a malicious file at any point during the analysis and assigns the file a score. - The system can also trigger automated defensive systems. - Malicious indicators generated by the system can be distributed to other defense systems.

Highlights

Quick setup with Assemblyline preinstalled
Free and available on demand

Details

Sold by

Canadian Centre for Cyber Security

Typical total price

This estimate is based on use of the seller's recommended configuration (m4.2xlarge) in the US East (N. Virginia) Region. View pricing details

$0.40/hour

Pricing

Geekweek 9 Assemblyline - Experimental

Info

View purchase options

Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.

Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

Region

Usage costs (6)

Info

Instance type	Product cost/hour	EC2 cost/hour	Total/hour
t3.large	$0.00	$0.083	$0.083
t3.xlarge	$0.00	$0.166	$0.166
t3.2xlarge	$0.00	$0.333	$0.333
m4.2xlarge Recommended	$0.00	$0.40	$0.40
m4.4xlarge	$0.00	-	-
m4.10xlarge	$0.00	-	-

Additional AWS infrastructure costs

Type	Cost
EBS General Purpose SSD (gp2) volumes	$0.10/per GB/month of provisioned storage

Vendor refund policy

This is a free product

Legal

Vendor terms and conditions

Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

Content disclaimer

Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

Usage information

Info

Delivery details

64-bit (x86) Amazon Machine Image (AMI)

Amazon Machine Image (AMI)

An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

Version release notes

This is a basic Ubuntu image with an appliance instance of Assemblyline preinstalled.

The admin username/password is configured as: User: admin Password: geekweekAssemblyL1ne

See the Usage instructions for steps to change this.

Additional details

Usage instructions

To connect to your running instance, ensure you use the "ubuntu" user. AWS may incorrectly suggest "root". (e.g. ssh ubuntu@<public-ip>)

You'll need to update your domain settings to match the public IP or DNS where your EC2 instance is running. To do so, follow these steps to create a new self-signed certificate with your public IP/domain in the subject and configure Assemblyline to use your domain:

cd ~/deployments/assemblyline
Use your favourite editor to open ~/deployments/assemblyline/.env
Update 'DOMAIN' with your public IP address or public DNS
Create your https certs (replacing <public-IP-address> with what you used in the last step): openssl req -nodes -x509 -newkey rsa:4096 -keyout ~/deployments/assemblyline/config/nginx.key -out ~/deployments/assemblyline/config/nginx.crt -days 365 -subj "/C=CA/ST=Ontario/L=Ottawa/O=CCCS/CN=<public-IP-address>"
Restart: sudo docker-compose restart

Now you should be able to access the Assemblyline User Interface at https://<your-public-ip-or-domain>

To update the admin username/password:

cd ~/deployments/assemblyline
Use your favourite editor to open ~/deployments/assemblyline/.env
Update 'AL_ADMIN_USER' with your desired user and 'AL_ADMIN_PASSWORD' with your desired password
Restart: sudo docker-compose restart

For more information on configuration options see https://cybercentrecanada.github.io/assemblyline4_docs/

Support

Vendor support

For more information on the configuration options for Assemblyline, see the documentation page: https://cybercentrecanada.github.io/assemblyline4_docs/ Join our discord server:

Get support

AWS infrastructure support

AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

Get support

Customer reviews

Write a review

Ratings and reviews

Info

0 ratings

5 star

4 star

3 star

2 star

1 star

0 AWS reviews

No customer reviews yet

Be the first to write a review for this product.