Unique Automated Static Analysis fully dissects internal contents of files without execution to detect attacks, determine threat level and expose vital information for remediation
Empowers SOC/CIRTs and enriches threat intelligence for many security solutions by exposing multi-layered obfuscation used to mask true payload and intent to accelerate triage
YARA-based rules matched on all decompressed content; custom rules and 3rd party modules supported
Scales elastically to process the most demanding workloads across Linux and Windows platforms
TitaniumCore implements highly-scalable automated static analysis to recursively unpack, extract internal indicators and calculate threat levels of files to support real-time and/or high-volume applications. With static analysis, files are not executed so that detailed analysis may be performed in milliseconds on an extensive list of file types. TitaniumCore consists of software and an SDK for integration into advanced automated workflows, products or services.
TitaniumCore performs advanced file analysis at millisecond speeds with a powerful engine for applications of any scale from a few samples to millions of samples daily. The rules engine calculates threat level based on rules provided by ReversingLabs and YARA rules supplied by the customer. Extracted files can automatically be routed to additional analysis tools (e.g., decompilers, debuggers, sandboxes) or an analyst for further analysis based on threat level and type to make the most efficient use of security assets. No other product (e.g., sandboxes or scanners) exposes the breadth and depth of threat indicators extracted by TitaniumCore.
ReversingLabs enterprise scale analysis solutions perform pre-execution, near real-time deep inspection of the high volumes of files encountered in large organizations.
TitaniumCore provides the software engine that processes files using ReversingLabs unique File Decomposition technology. TitaniumCore implements high-performance automated static analysis to recursively unpack, extract internal indicators and calculate the threat level of files to support real-time and/or high-volume applications
TitaniumCore Enterprise extends the TitaniumCore base solution to cover advanced analysis applications by adding ReversingLabs Hashing Algorithm (RHA) to calculate functional similarity to known malware and TitaniumCloud File Reputation integration to identify known goodware and malware against a database of over 8 billion goodware and malware files.
TitaniumCore allows the user to define which types of metadata will be collected. The metadata provides critical information, often not available from other tools, for determining the intent and capabilities of the sample.
|Product Features and Capability||TitaniumCore||TitaniumCore Enterprise|
|File Decomposition / Automated Static Analysis|
|360+ Format Families Unpacked/Analyzed|
|3600+ File Formats Identified|
|3000+ Threat Indicators Extracted Per File|
|Indicator Extraction User Selectable|
|Rules Engine Calculates Threat Profile|
|Custom YARA Rules for Classification|
|Third Party Modules Supported|
|Functional Similarity (RHA) to Known Malware|
|TitaniumCloud File Reputation Integration|
|SDK with API for File Submission and Results|