ReversingLabs Launches Titanium Platform Enhancements for MITRE ATT&CK Framework Read more

Titanium Platform Any file. Any location. Any threat.

A machine learning hybrid cloud platform that harvests thousands of file types at scale, speeds threat detection through machine learning binary analysis, and continuously monitors an index of over 10B files for future threats.

Titanium Platform
Titanium Platform Overview Video

ReversingLabs Titanium Platform

 

High Volume Processing & Integration

TitaniumScale

TitaniumScale
Over 400 file formats processed and 4000 file types identified from diverse platforms, applications & malware families.
Real-time, deep inspection of files, scalable to 150+ million files per day without dynamic execution.
Tightly coupled connectors integrate industry leading email, EDR, SIEM, SOAR, and analytics platforms.

Automated Static Analysis

TitaniumCore

Automated Static Analysis

 

Unique Automated Static Analysis fully dissects internal contents of files in 5 ms without execution, obviating the need for dynamic analysis in most cases.
Over 400 file formats are unpacked to the underlying object structure (e.g. embedded executables, libraries, documents, resources, icons) with over 3000 metadata points & 12000 file indicators extracted from the unpacked files.
ReversingLabs Hashing Algorithm hashes a file’s features rather than its bits enabling identification of functionally similar malware files even though each has a unique SHA-1 hash.

Explainable Machine Learning

TITANIUMCORE

Explainable Machine Learning

 

Apply over 15 analysis engines, including outcomes from machine learning (ML)-based binary analysis to derive distinct malware type classification verdicts.

Map human readable indicators to verifiable classifications, and deliver explainable threat intelligence directly to the analysts.

Align trusted intelligence to a security framework & common lexicon such as MITRE ATT&CKTM.

File Reputation & Intelligence

TitaniumCloud Services

File Reputation & Intelligence

 

Powerful threat intelligence solution with up-to-date, threat classification and rich context on over 10 billion goodware and malware files.

Continuously adding up to 8 million malware and goodware daily, constantly curated for the most up-to-date file reputation status.
Extensive Feeds for specific threats, e.g. file types, threat types, industry, CVE, URI, all supported by REST APIs for automated analysis process integration.

Investigation & Hunting

A1000

Investigation & Hunting

 

SOC analysts use classification to prioritize threats, while threat intelligence and hunting teams use the platform as a primary workbench for deep file analysis, and to accelerate investigations and incident response.
Objects and files of interest that have entered the infrastructure over time can be retained, creating a historical repository for retro hunting and ongoing analysis to uncover attacker techniques and tactics.
Advanced search offers up to 500 unique search expressions while an an advanced rules engine enables building and deploying custom YARA rules to detect sophisticated threat patterns.