Integration at Massive Scale
ReversingLabs integrates with endpoint detection and response (EDR) solutions to instantly and confidently identify files as malicious - without execution. Within milliseconds, all file types and objects across thousands of endpoints are automatically analyzed for malware. Detailed results including severity level, threat classification, name, and malware type are sent back to EDRs for automated containment and preventive security.
Challenge: SOC analysts manually upload suspicious files from the EDR to public, crowdsourced file reputation services to try to identify malware. In doing so, sensitive attachment contents and attack information are unintentionally exposed publicly.
Solution: The ReversingLabs global file reputation service keeps data local, protecting files from exposure, and, through EDR integrations, automatically sends actionable malware indicator results right into existing EDR and SOC user interfaces, accelerating response.
Challenge: Advanced, customized malware can adapt to and bypass organizations' security defenses, with entry points across global networks, which makes it extremely challenging for threat hunters and incident responders to defend their environments.
Solution: Security threat hunters and incident responders can write YARA rules using ReversingLabs extracted malware details to detect malware hidden within internal and cloud-based data lakes and storage. These rules can be easily written and tested in ReversingLabs Titanium Platform and then exported to EDR, firewall, and network security solutions for proactive threat detection.
Challenge: Too often, contextual details of why files and objects have been flagged as suspicious aren’t available, and high volumes of alerts create complexity. For EDR admins this is burdensome and risky, and files are often missed due to incomplete coverage across all file types.
Solution: ReversingLabs solves this problem by seamlessly integrating with EDR systems to display file reputation results from its authoritative reputation database. Files are instantly filtered by malware severity level and type. Results are displayed in the EDR’s UI with clear and simple language and intuitive graphics enabling EDR admins to inspect larger volumes of files and focus on the most critical threats.
The Titanium Hybrid-Cloud Platform offers a flexible deployment architecture enabling high volume processing, accelerated object analysis, file reputation services and investigation through TitaniumCore, TitaniumCloud, TitaniumScale and the A1000.
The joint ReversingLabs and Tanium solution enables customers to accurately and rapidly identify suspicious files and malware on their endpoints.
The ReversingLabs and Carbon Black integration matches authoritative file intelligence against all inbound files and attachments for unprecedented malware visibility at any volume.
ReversingLabs and Bromium have created an integrated solution to give security analysts detailed malware data on file samples that they captured and uploaded from a link in the Bromium UI.