Definitive File Analysis: unpack, de-obfuscate, extract internal indicators and assign threat levels in milliseconds
Universal Format Coverage: includes PE, ELF, MachO, Dex, .NET, Java, JS, documents, firmware, business apps
Integrated YARA Rules Engine: utilize custom rules to identify/enable new and advanced malware detection
Private File Analysis: files not shared publicly, files and results never leave your site
The A1000 Malware Analysis Platform supports advanced hunting and investigations through the TitaniumCore high-speed automated static analysis engine. It is integrated with file reputation services to provide in-depth rich context and threat classification on over 8 billion files and across all file types. The A1000 supports visualization, APIs for integration with automated workflows, a dedicated database for malware search, global and local YARA Rules matching, as well as integration with 3rd party sandbox tools.
The A1000 accelerates analysis for users at different levels from the helpdesk to an 'analyst workbench’ for deeper analysis. It assesses malware and malware status changes as malware families morph over time via obfuscation and other techniques. Integration with TitaniumCloud enables users to search across 8 billion goodware and malware files and to privately upload files samples for analysis.