Solutions

Solution 1

Elastic File Analysis

The only elastic solution for real-time file and object analysis

In-depth file analysis with distributed YARA rules processing for identifying:

  • Threats and data spillage
  • Policy violations
  • Regulatory risks
  • Modular solution that scales to process millions of files daily
  • Integration with 3rd party security solutions and APIs to support custom applications

ReversingLabs provides the industry’s first modular, high-volume file classification solution that scales to assess millions of files from various sources, including endpoints, network and storage.

Elastic object processing detects malware and zero-days and performs YARA-based classification for DLP, malware identification, policy violations and regulatory compliance.

Elastic File Analysis works within customer security infrastructures for file extraction, deep analysis, event reporting, YARA hunting and response.

Solution 2

Malware Hunting

Next-generation YARA hunting platform with advanced pivots

  • Automated recursive decomposition of files with classification using YARA rules
  • Pivoting based on functional similarity, malware family and actor designations
  • Hardware, virtual or AWS appliance options keep files for privacy
  • GUI with API to support automation and hunting

ReversingLabs File Reputation services support malware hunting using a pool of over 5 billion objects. Analysts can use YARA rules, malware search and functional similarity pivoting to identify APT, data spillage, brand abuse and malware.

In addition, the ReversingLabs A1000 Malware Analysis appliance automates discovery and deep analysis of files. SOC, CERT, IR and forensic teams can quickly analyze unknown binary content and hunt for threats. The appliance extracts and classifies thousands of indicators on each file and uses YARA rules to define custom classification.

Solution 3

Reputation Services

World’s largest whitelist and blacklist, covering over 5B unique files

  • Detailed file analysis and classification
  • Curated up-to-date whitelist and blacklist of over 5 billion files
  • Upload/download files for analysis
  • 20+ threat intelligence APIs and feeds

File Reputation information is critical for EDR and forensics applications. ReversingLabs maintains the industry’s most comprehensive, up-to-date information on goodware and malware. The service catalogs over 5 billion files while adding over 6 million new files daily.

All files are processed using advanced automated static analysis and cross-referenced with results from 40+ anti-virus products. Advanced classification methods generate reputation for files and related URI information, which is accessible via REST query APIs and data feeds.

File status change alerting, YARA hunting services, and IP/domain used by malware services.