Optimize Sandbox Performance

ReversingLabs automates and accelerates threat detection by unpacking all inbound files using static analysis, not executing files, and analyzes them for hidden malware indicators - leaving sandboxes to process only critical files of interest, faster.

Optimize Sandbox Performance
Speed Analysis without Execution

Speed Analysis without Execution

Challenge: Todays targeted threats use advanced techniques to avoid detection in sandboxes. And with the high volume of files entering enterprise networks, sandboxes can quickly be overloaded and just can’t keep up with the sheer numbers. 

Solution: ReversingLabs high-speed static analysis accurately detects malware and filters results by threat severity, type, and other classifications for speedy identification and triage. The ReversingLabs global authoritative file reputation database of 8 billion whitelist and blacklist files increases malware identification accuracy and reduces the dynamic analysis workload for more effective analysis and prioritization of files of interest.

File Decomposition Technology

Expand Security Coverage for Files and Objects

Challenge: SOC analysts try to expose hidden malware by executing suspicious files payloads in isolation, but it is not easy or always possible to do that and also takes a few minutes per file. Most dynamic analysis solutions only cover around 20 format families, and cannot detect many types of malware, or analyze every object in very large files, or those encrypted or zipped - leaving gaps in analysis.

Solution: ReversingLabs high speed static analysis identifies 3,600 format families and can extract up to 3,000 threat indicators. These powerful indicators can be applied to existing security controls using ReversingLabs API integrations with partners to reduce the risk of compromise and breaches.

Reanalyze files to multiple services in a single pane of glass

Unify Static and Dynamic Analysis in a Single Console

Challenge: The value of dynamic analysis execution of files in isolated sandboxes is to identify malicious behaviors and indicators to try to determine attack movement across the network, but does not provide a full picture of the attack surface.

Solution: ReversingLabs automates the resubmission of files for reanalysis to static analysis (TitaniumCore), file reputation  (TitaniumCloud), and dynamic analysis services from a single console. Users can submit samples of up to 100 MB in size to supported dynamic analysis from common sandbox platforms.

Reference Architecture

The Titanium Hybrid-Cloud Platform offers a flexible deployment architecture enabling high volume processing, accelerated object analysis, file reputation services and investigation through TitaniumCore, TitaniumCloud, TitaniumScale and the A1000

Reference Architecture - ReversingLabs Solutions

Sandbox Partners