Collect Analyze Protect

New way of closing advanced malware detection gaps


Continuous Incident Response

Proactive data acquisition and inspection provides defenders with the best means of defense against sophisticated cyber attacks. This ReversingLabs solution provides actionable intelligence on data collected from networks, storage and endpoints allowing security policy changes and the addition of custom detection rules and policies.



Unmonitored file flows within an IT infrastructure represent an enormous security blind spot and vulnerability. Industry experts report that less than a third of breaches are discovered by the targeted organization.



Our network appliance uses unique technologies to detect malicious files in web, email and file transfer traffic before execution. These technologies evaluate file DNA rather than symptoms of their behavior.



Our file reputation service and Automated Static Analysis technology provide the industry's most comprehensive contextual information on goodware and malware.


How does CIR work?

The client deploys one or more sensors in the environment to analyze and collect data. These sensors are on the network (N1000) and/or on the endpoint (S1000). The sensors operate autonomously to detect threats in their respective domains but report findings (e.g. scan report or real-time file flow) and collected files back to the central server - A1000.

Mario Vuksan, RL CEO
No single person or security company — I don’t care how good you are — can clean up everything. And unless you completely disinfect a system, it will come back.
Mario Vuksan, RL CEO The New York Times
Tomislav Pericin, RL CSA
Continuous incident response (CIR) is ReversingLabs answer to increased number of advanced persistent threats attacking business environments. At its heart CIR is about the constant need for vigilance.
Tomislav Pericin, RL CSA RL Tech Talk


More from the Newsroom