ReversingLabs, the provider of game-changing solutions for detection and analysis of advanced cyber threats, today announced the A1000 Malware Analysis Appliance that revolutionizes cyber threat analysis and incident response. The A1000 incorporates ReversingLabs’ unique and innovative Active File Decomposition technology that exposes and assesses Proactive Threat Indicators in malware that are invisible to conventional tools. The platform provides the industry’s broadest file type coverage, including: Windows, Linux, Mac OS, iOS, Android, documents and firmware. The A1000 ships as an on-premises appliance or a cloud-based application.
The proliferation of advanced cyber attacks has not only driven malware labs and response operations to scale up but has also forced other organizations to establish new in-house threat detection and analysis capabilities. Detecting new generations of malware has become increasingly difficult for conventional tools, yet detection alone is not enough. Organizations now must now understand their adversary’s identity, intent and capabilities. The A1000 platform provides a plug-and-play solution that significantly enhances an organization’s malware defense competence, productivity and effectiveness.
“The high stakes of advanced cyber attacks increasingly push organizations to expand their in-house malware detection and analysis capabilities,” said Mario Vuksan, CEO of ReversingLabs. “The A1000 Malware Analysis Platform provides an expertise multiplier to kick-start new operations and scale established teams.”
The A1000 is a plug-and-play platform that integrates ReversingLabs Active File Decomposition technology and the TitaniumCloud Threat Intelligence Knowledgebase with an integrated database and a powerful workflow management GUI. A Web-based GUI and an API enable analysts to input suspected samples, access unpacked files and view extracted Proactive Threat Indicators. The A1000 also calculates each file’s Threat Level to determine remediation priorities. The Proactive Threat Indicators for each file are stored in an on-board database with advanced search capabilities to find files with specific characteristics (e.g. domain name, virus family, exploit).
Conventional automated analysis tools rely on symptoms of attacks and thus miss malicious capabilities. For example, tools that observe the behavior of files while they execute (e.g. sandboxes) provide only a partial view of a threat’s capabilities. Instead, Automated Static Analysis dissects each file before execution to extract and classifies its “DNA”. This unique and powerful approach exposes threats not visible to other automated analysis tools. The files are completely unpacked to extract and classify their internal Proactive Threat Indicators in milliseconds. These indicators provide unprecedented visibility to identify and analyze advanced threats.
The A1000 Malware Analysis Platform is available now as an online cloud service, a virtual appliance or a 1U hardware appliance. The A1000 Cloud Edition annualsubscription starts at $10,000 per year.