2012-06-15 ReversingLabs™ announces new cloud-based threat intelligence web services.
TitaniumCloud™ classifies up-to-date information and provides powerful alert web services on over 1 billion malicious and non-malicious files and their internals.
June 15, 2012 - Cambridge, MA – ReversingLabs, the global leader in automated static malware analysis tools and services, announced today the TitaniumCloud™ (TiCloud™) web service that provides the industry’s most comprehensive source for threat intelligence on unknown files. The TiCloud database contains information on:
- 1 billion goodware samples
- 70 million malware samples with over 100,000 new samples daily
- 4 billion IP addresses and domains.
“TiCloud allows our customers to quickly classify suspicious files as they arrive in their organizations,” said Mario Vuksan, CEO of ReversingLabs. “This saves them hours of analysis on files already known to the industry and analyzed by a variety of tools.”
TiCloud supports powerful queries and alerts. Queries support advanced searches based on file contents, including: file hash, section hash, certificate information, imports, exports, section names and embedded strings. Alert services use custom-defined rules to check for conditions that spur notification. Initially, TiCloud supports three alert services:
- Brand Notification sends an alert anytime new malware samples contain the customer’s domain name, IP addresses or product names to identify threats targeting their organization.
- False Negative Detection allows a customer to upload suspicious files and receive alerts when they are detected by any of 25 venders’ anti-virus products in twice daily scans.
- False Positive Detection allows a customer to upload files of interest and receive alerts when they fail a twice-daily virus scan. Software vendors can receive immediate notification if any of 25 vendors’ anti-virus products falsely detect components of their products.
TiCloud not only identifies files but also provides rich information about their contents. Every sample is processed using the ReversingLabs TitaniumCore™ (TiCore™) automated static decomposition engine to extract all contained files and their internal information. The samples are recursively unpacked, decompressed, decrypted, repaired and de-obfuscated. The information extracted for the resulting components includes format, format validation, strings, sections and certificate chains. Samples are also scanned twice daily with 25 anti-virus products and the history is stored in TiCloud.
TiCloud supports automated workflows through a REST or SOAP-based web services interface. In addition to the cloud service, customers can purchase an on-premise appliance to meet high performance and security requirements. The web services interface enables customers to integrate TiCloud with their applications and workflow.
ReversingLabs develops analysis tools that enable security professionals to detect malicious code and hidden content in unknown files from computers and mobile devices. TitaniumCore, the company’s award winning file analysis platform, removes all protection and obfuscation artifacts, unwraps formatting elements and extracts relevant meta-‐data. Binary content normally not identified by whitelist, blacklist and sandbox tools can thus be analyzed and classified. These tools provide the fastest and most comprehensive solutions for decomposing and extracting data from unknown binary files.
The company's global customers come from a number of sectors including antivirus vendors, government agencies and commercial enterprises. ReversingLabs is privately held with employees in the United States, Croatia and Switzerland. For more information, visit http://www.reversinglabs.com or call +1 617-250-7518.
+1 (617) 250-‐7518