Integration at Massive Scale
Challenge: Todays targeted threats use advanced techniques to avoid detection in sandboxes. And with the high volume of files entering enterprise networks, sandboxes can quickly be overloaded and just can’t keep up with the sheer numbers.
Solution: ReversingLabs high-speed static analysis accurately detects malware and filters results by threat severity, type, and other classifications for speedy identification and triage. The ReversingLabs global authoritative file reputation database of 8 billion whitelist and blacklist files increases malware identification accuracy and reduces the dynamic analysis workload for more effective analysis and prioritization of files of interest.
Challenge: SOC analysts try to expose hidden malware by executing suspicious files payloads in isolation, but it is not easy or always possible to do that and also takes a few minutes per file. Most dynamic analysis solutions only cover around 20 format families, and cannot detect many types of malware, or analyze every object in very large files, or those encrypted or zipped - leaving gaps in analysis.
Solution: ReversingLabs high speed static analysis identifies 3,600 format families and can extract up to 3,000 threat indicators. These powerful indicators can be applied to existing security controls using ReversingLabs API integrations with partners to reduce the risk of compromise and breaches.
Challenge: The value of dynamic analysis execution of files in isolated sandboxes is to identify malicious behaviors and indicators to try to determine attack movement across the network, but does not provide a full picture of the attack surface.
Solution: ReversingLabs automates the resubmission of files for reanalysis to static analysis (TitaniumCore), file reputation (TitaniumCloud), and dynamic analysis services from a single console. Users can submit samples of up to 100 MB in size to supported dynamic analysis from common sandbox platforms.
The Titanium Hybrid-Cloud Platform offers a flexible deployment architecture enabling high volume processing, accelerated object analysis, file reputation services and investigation through TitaniumCore, TitaniumCloud, TitaniumScale and the A1000
ReversingLabs and FireEye provide an integrated solution which detects and eliminates increasingly sophisticated security threats.
ReversingLabs and JOE Security provide an integrated solution which optimizes both static and dynamic analysis of suspect and known malware.
ReversingLabs and Cuckoo created an integrated solution to provide threat detection and rapid response to advanced exploitation techniques designed to evade traditional threat detection controls.