CISA Open-Sources Thorium Platform For Malware, Forensic Analysis (bleepingcomputer.com)
(Thursday July 31, 2025 @05:20PM (BeauHD)
from the analysts-on-autopilot dept.)
- Reference: 0178527236
- News link: https://it.slashdot.org/story/25/07/31/2033245/cisa-open-sources-thorium-platform-for-malware-forensic-analysis
- Source link: https://www.bleepingcomputer.com/news/security/cisa-open-sources-thorium-platform-for-malware-forensic-analysis/
CISA has publicly [1]released Thorium, a powerful open-source platform [2]developed with Sandia National Labs that [3]automates malware and forensic analysis at massive scale . According to BleepingComputer, the platform can "schedule over 1,700 jobs per second and ingest over 10 million files per hour per permission group." From the report:
> Security teams can use Thorium for automating and speeding up various file analysis workflows, including but not limited to:
>
> - Easily import and export tools to facilitate sharing across cyber defense teams,
> - Integrate command-line tools as Docker images, including open-source, commercial, and custom software,
> - Filter results using tags and full-text search,
> - Control access to submissions, tools, and results with strict group-based permissions,
> - Scale with Kubernetes and ScyllaDB to meet workload demands.
>
> Defenders can find installation instructions and get their own copy of Thorium from [4]CISA's official GitHub repository .
[1] https://www.cisa.gov/news-events/alerts/2025/07/31/thorium-platform-public-availability
[2] https://www.sandia.gov/labnews/2024/09/05/cybersecurity-suite-now-on-duty-defending-the-nation/
[3] https://www.bleepingcomputer.com/news/security/cisa-open-sources-thorium-platform-for-malware-forensic-analysis/
[4] http://github.com/cisagov/thorium
> Security teams can use Thorium for automating and speeding up various file analysis workflows, including but not limited to:
>
> - Easily import and export tools to facilitate sharing across cyber defense teams,
> - Integrate command-line tools as Docker images, including open-source, commercial, and custom software,
> - Filter results using tags and full-text search,
> - Control access to submissions, tools, and results with strict group-based permissions,
> - Scale with Kubernetes and ScyllaDB to meet workload demands.
>
> Defenders can find installation instructions and get their own copy of Thorium from [4]CISA's official GitHub repository .
[1] https://www.cisa.gov/news-events/alerts/2025/07/31/thorium-platform-public-availability
[2] https://www.sandia.gov/labnews/2024/09/05/cybersecurity-suite-now-on-duty-defending-the-nation/
[3] https://www.bleepingcomputer.com/news/security/cisa-open-sources-thorium-platform-for-malware-forensic-analysis/
[4] http://github.com/cisagov/thorium
Thanks CISA (Score:3)
It's nice of you guys to allow everyone else to do the job you're not allowed to do anymore as a result of some political hack deciding he wanted to give Putin the best BJ of his entire life.