A hybrid cloud platform that enriches web, email, endpoint, network, storage and app alerts with local threat intelligence, automating triage and response for SOC analysts, while providing continuous attack monitoring for threat hunters.
Users in the U.S. open 30% of all phishing emails, with 12% of those targeted clicking on the infected attachment or link. ReversingLabs can monitor, analyze and classify files directly in the “abuse box” for fast and accurate triage.
75% of organizations infected with ransomware had up-to-date endpoint protection, but SOC analysts and threat hunters lacked file visibility - missing malware from endpoints. ReversingLabs solves this problem instantly with actionable malware threat intelligence delivered directly to EDR solutions, enriching their data.
Enterprise SOCs see upwards of 170K events a week, but teams only clear an average of 12K events. ReversingLabs provides automated static analysis on files, generating a unique source of threat intelligence and enriched metadata for SIEM or SOAR solutions.
Information from dynamic analysis solutions (sandboxes) is limited to objects that can be detonated (e.g. Windows files). ReversingLabs automated static analysis decomposes, unpacks and analyzes 360 different file formats and exposes details of those files, quickly and accurately without execution.
Businesses need to understand and identify external threats in near real-time. ReversingLabs provides early intelligence about attacks before they infiltrate infrastructures. This visibility into threats “in-the-wild” enables preparation for new attacks and understanding of the threat levels of new files.
Bad actors can infiltrate business infrastructure, be it on-premises or in the cloud, and place malware literally anywhere. This malware can unknowingly spread across shares or reinfect cleaned systems should these systems be restored from infected backups. ReversingLabs can integrate with file shares and existing security solutions to detect malware in whatever form it may take.
In 2018, 29% of breaches involved use of stolen credentials. Bad actors can leverage a business's own software to distribute malicious code. ReversingLabs can extract embedded resources from all installation packages and validate it’s malware free.
“[ReversingLabs] helps to automate SOC operations when it comes to identifying the highest priority threats. We're leveraging the APIs, so the whole process with respect to looking up information and retrieving information about threats is fully automated.”
"ReversingLabs extensive file and object support, and large file repository of both goodware and malware give us the threat intelligence needed to quickly and accurately detect threats."
Ben Oster | Senior Product Manager WatchGuard Technologies
"We are also using FireEye and Palo Alto. As far as I can tell, the quantity of files that ReversingLabs can process in a day is greater than many of these products. Also, the stability of this product seems to be much higher."
Large Financial Institution | Information Security Engineer IV