Several startup companies during the past two years have created ML-based binary analysis solutions for examining network traffic and we expect firewall, secure web gateway and secure email gateway solution providers to follow suit, as a cost-savings measure to reduce the reliance on malware sandboxing for all unknown files.
Gartner "Emerging Technologies and Trends Impact Radar: Security,"
Lawrence Pingree, et al, 13 November 2019
Challenge: Today's targeted threats use advanced techniques to avoid detection in sandboxes. And with the high volume of files entering enterprise networks, sandboxes can quickly be overloaded, and just can’t keep up with the sheer numbers.
Solution: ReversingLabs high-speed static analysis accurately detects malware and filters results by threat severity, type, and other classifications for speedy identification and triage. The ReversingLabs global authoritative file reputation database of 10 billion whitelist and blacklist files increases malware identification accuracy and reduces the dynamic analysis workload for more effective analysis and prioritization of files of interest.
Challenge: SOC analysts try to expose hidden malware by executing suspicious files payloads in isolation, but it is not easy or always possible to do that, and also takes a few minutes per file. Most dynamic analysis solutions only cover about 20 format families, and cannot detect many types of malware, or analyze every object in very large files, or those encrypted or zipped — leaving gaps in analysis.
Solution: ReversingLabs high-speed static analysis identifies 3,600 format families and can extract up to 3,000 threat indicators. These powerful indicators can be applied to existing security controls using ReversingLabs API integrations with partners to reduce the risk of compromise and breaches.
Challenge: The value of dynamic analysis execution of files in isolated sandboxes is to identify malicious behaviors and indicators to try to determine attack movement across the network, but does not provide a full picture of the attack surface.
Solution: ReversingLabs automates the resubmission of files for reanalysis to static analysis (TitaniumCore), file reputation (TitaniumCloud), and dynamic analysis services from a single console. Users can submit samples of up to 100 MB in size to supported dynamic analysis from common sandbox platforms.
The ReversingLabs Titanium Platform offers a flexible deployment architecture enabling high volume processing, accelerated object analysis, file reputation services and investigation through TitaniumCore, TitaniumCloud, TitaniumScale and the A1000
Watch our webinar, hosted by Brian Soldato, Director of Sales Engineering at ReversingLabs, to hear how automated, high-speed static analysis from ReversingLabs Titanium Platform can optimize your sandbox deployments.
Learn More
Download our whitepaper to learn how automated, high-speed static analysis can optimize your sandbox deployments.
Learn More
Automated Static Analysis is your secret weapon to leap ahead of advanced threats
Learn MoreMalware analysts and threat hunters want a mix of dynamic and static analysis to investigate suspect malware. ReversingLabs tackles the complex destructive objects, which prioritizes the sandbox on critical files of interest.
Sandbox Partner
Software Supply Chain Security Analysis for end to end Software Development workflows, containers and release packages
Learn More
The world’s most popular and authoritative database of goodware and malware threat intelligence
Learn More
Assess millions of files from web traffic, email, file transfers, endpoints or storage
Learn More
An instant malware lab with static and dynamic analysis for all of your company's
files and binaries
ReversingLabs and FireEye provide an integrated solution which detects and eliminates increasingly sophisticated security threats.
ReversingLabs and Joe Security provide an integrated solution which optimizes both static and dynamic analysis of suspect and known malware.
ReversingLabs and Cuckoo created an integrated solution to provide threat detection and rapid response to advanced exploitation techniques designed to evade traditional threat detection controls.