Malware Analysis Platform

Cybersecurity Threat Analysis Platform


Key Features


Definitive File Analysis: unpack, de-obfuscate, extract internal indicators and assign threat levels in milliseconds


Universal Format Coverage: includes PE, ELF, MachO, Dex, .NET, Java, JS, documents, firmware, business apps


Integrated YARA Rules Engine: use custom rules to enable detection of new and advanced malware


Private File Analysis: files are not shared publicly; files and results never leave your site


The A1000 Malware Analysis Platform supports advanced hunting and investigations through the TitaniumCore high-speed automated static analysis engine. It is integrated with file reputation services to provide in-depth, rich context and threat classification on over 8 billion files and across all file types. The A1000 supports visualization, APIs for integration with automated workflows, a dedicated database for malware search, global and local YARA Rules matching, as well as integration with third-party sandbox tools.

A1000 Malware Analysis and Hunting

The A1000 accelerates analysis for users at different levels, from the helpdesk to an 'analyst workbench' for deeper analysis. It assesses malware and malware status changes as malware families morph over time via obfuscation and other techniques. Integration with TitaniumCloud enables users to search across 8 billion goodware and malware files and to privately upload file samples for analysis.


Integrated Malware Analysis & Investigation

  • Analysis Engine performs high-speed, static analysis to unpack files, extract internal indicators and assign a threat level
  • Integrated database enables safe, secure storage of results and searching of samples by threat indicators
  • Visualization GUI for quickly understanding critical info

Automated Static File Analysis

  • Processes files within milliseconds
  • Evaluates functional similarity to known malware
  • Lets users build and deploy custom YARA rules
  • Identifies more than 3600 file formats
  • Unpacks over 360 file formats of archives, installers, packers & compressors
  • Extracts over 3000 threat indicators

Private Content Repository

  • Provides safe storage of malicious/suspicious files
  • Stores file context in an onboard searchable database
  • Enables private, safe sample sharing & historical analysis

Extensive Search & Hunting

  • Search by hash, imphash, file name, #tags and more
  • Enables pivots on functional similarity and threat indicators
  • Supports user-defined YARA Rules for matching and hunting

Alerting Subscription and Management

  • Easy to subscribe to the following alerts: Classification change, Sample availability, YARA Ruleset match, Cuckoo Analysis complete, File Upload complete, TitaniumCloud scan complete

Customer Option: Advanced Search

  • Build powerful queries with search modifiers and operators
  • Select from hundreds of expressions and dozens of keywords
  • Identify files according to antivirus detections
  • Perform targeted queries on large sample datasets

Customer Option: Active YARA & Retro-YARA Rules

  • Users can hunt through 90 days of data history
  • Real-time updates are provided with full results in < 2 hrs
  • Progress is reported via API or GUI for real-time updates

Integrated with TitaniumCloud File Reputation Services

  • Access to a comprehensive, curated source of threat intelligence and reputation data on 8 billion Goodware and Malware for global context
  • Enables upload/download of samples via GUI
  • Supports YARA Rules Search

Supports Integration

  • Supports automated analysis workflows via REST Web Services API
  • Integrates directly with Cuckoo and Joe Sandbox
  • Delivered as hardware, VMDK or Cloud-based appliance