Any file. Any location. Any threat.
A machine learning hybrid cloud platform that harvests thousands of file types at scale, speeds threat detection through machine learning binary analysis, and continuously monitors an index of over 10B files for future threats.
Unique Automated Static Analysis fully dissects internal contents of files in 5 ms without execution, obviating the need for dynamic analysis in most cases.
Over 400 file formats are unpacked to the underlying object structure (e.g. embedded executables, libraries, documents, resources, icons) with over 3000 metadata points & 12000 file indicators extracted from the unpacked files.
ReversingLabs Hashing Algorithm hashes a file’s features rather than its bits, enabling identification of functionally similar malware files even though each has a unique SHA-1 hash.
SOC analysts use classification to prioritize threats, while threat intelligence and hunting teams use the platform as a primary workbench for deep file analysis, and to accelerate investigations and incident response.
Objects and files of interest that have entered the infrastructure over time can be retained, creating a historical repository for retro hunting and ongoing analysis to uncover attacker techniques and tactics.
Advanced search offers up to 500 unique search expressions, while an advanced rules engine enables building and deploying custom YARA rules to detect sophisticated threat patterns.