Unique Automated Static Analysis fully dissects internal contents of files in 5 ms without execution, obviating the need for dynamic analysis in most cases.
Over 360 file formats are unpacked to the underlying object structure (e.g. embedded executables, libraries, documents, resources, icons) with over 3000 threat indicators extracted from the unpacked files.
ReversingLabs Hashing Algorithm hashes a file’s features rather than its bits, enabling identification of functionally similar malware files even though each has a unique SHA-1 hash.
SOC analysts use classification to prioritize threats, while threat intelligence and hunting teams use the platform as a primary workbench for deep file analysis, and to accelerate investigations and incident response.
Objects and files of interest that have entered the infrastructure over time can be retained, creating a historical repository for retro hunting and ongoing analysis to uncover attacker techniques and tactics.
Advanced search offers up to 500 unique search expressions, while an advanced rules engine enables building and deploying custom YARA rules to detect sophisticated threat patterns.