Compare Features

LOG-MD Versions.

Feature Free Professional Consulting
Audit Check
Bypass Audit Check
PowerShell version and audit log checks
WLCS & CIS Compliance
USGCB & AU ACSC Compliance
Create Audit Report
Specify Output Directory
Harvest Windows Log Events
Harvest Sysmon Service Events
Whitelist Processes, Command Line and IPs
Whitelist Files, Paths & Reg Keys
Detailed Log Data Reports: 14 (Free), 25 (Professional), 25 (Consulting)
Specify Output Directory
File Hash Baseline
File Hash Compare to Baseline
Whitelist by File, Location or Hash
Locked Files Report
Locked Files Compare to Baseline
Specify Output Directory
Registry Baseline
Registry Compare to Baseline
Evaluate Imported Hives
Whitelist Keys & Values
Specify Output Directory
Large Reg Keys Details
Load Hives from other systems
Large Reg Key Summary
Specify Output Directory
WhoIs data for IPs in the IP Connections reports
Command line WhoIs lookups of IPv4 addresses
Harvest SRUM data - Netflow data by Application (Win 8.1 and 10 only) (ver 1.1)
List of AutoRuns Report (ver 1.2)
AutoRuns exclude results using Master Digest and Whitelist (ver 1.2)
VirusTotal lookups of hashes and/or files from reports
10 VirusTotal reports can be generated from log reports and Sysmon
For Consultants
Transferrable 90 Day License
Special Artifact Hunting Features
Sticky Key Exploit Interesting Artifact Report
Null byte in a registry value Interesting Artifact Report
Manual pages: 10 (Free), 50 (Professional), 50 (Consulting)
LOG-MD-Pro Slack Channel Community
  • Multiple whitelists allow for excluding known good items
  • Master-Digest is a sorted, unique list of hashes used to exclude large numbers of files from the results