Endpoint
7/20/2012
09:52 AM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

GFI Software And OPSWAT Bring Easy-To-Deploy, Advanced Malware Analysis To The Enterpris

Preconfigured sandbox appliance helps businesses combat the growing threat from advanced persistent threats and targeted cyberattacks

CLEARWATER, Fla., July 19, 2012 /PRNewswire/ -- GFI Software in collaboration with OPSWAT Inc., a leader in multi-engine malware scanning solutions, today announced the launch of a dynamic malware analysis solution that combines OPSWAT's Metascan ® and GFI's GFI SandBox(TM) on one integrated appliance. The synergy of these two products and the plug-and-play nature of the new appliance will make dynamic malware analysis more accessible to cyber-security professionals who are tasked with defending against advanced persistent threats (APT), targeted attacks and sophisticated malware like Flame.

(Logo: http://photos.prnewswire.com/prnh/20120330/NE79547LOGO)

The Metascan + GFI SandBox solution is ideal for malware researchers in the defense, healthcare, energy and financial services industries. It saves time, costs and resources for teams analyzing malware samples. The Metascan + GFI SandBox solution uses high speed multi-scanning to reduce the volume of files that need to undergo exhaustive analysis, then uses advanced sandboxing technology to provide a layer of malware analysis beyond signature and heuristic-based detection.

"Antivirus solutions alone are no longer a sufficient shield against the massive volume of sophisticated attacks today's organizations face," said Julian Waits, vice president, Advanced Technology Group, GFI Software. "While many threats are caught by antivirus solutions, advanced persistent threats frequently go undetected, highlighting the importance for enterprises to deploy a sandbox that can assess any suspect file for malicious behavior."

Metascan uses more than 20 antivirus engines, including GFI VIPRE®, to increase zero-hour detection rates for all types of malware without the hassle of licensing, modifying, and maintaining multiple antivirus engines. All engines integrated into Metascan products are optimized to scan simultaneously for fast, high performance scanning.

"Metascan combines the malware scanning capabilities of the leading commercial antivirus engines to provide the security industry's premier multi-scanning tool," said Benny Czarny, CEO at OPSWAT. "With this new collaboration with GFI, the scanning power of Metascan will be further enhanced by integrating GFI SandBox to enable deeper sample analysis. Metascan + GFI SandBox customers will have an optimal workflow to quickly and efficiently assess targeted attacks and other threats."

GFI SandBox is one of the industry's leading malware analysis solutions. It enables users to test files and URLs for potential threats within a controlled environment so they can deploy and implement appropriate defenses when advanced malware and sophisticated cyber-attacks are discovered. GFI SandBox 4.0 was recently upgraded with a new Malware Determination Engine that provides users with risk levels of "Low", "Medium", "High" or "Known" for each potential malware sample analyzed. By combining Metascan with the GFI Sandbox Malware Determination Engine, security teams can more efficiently evaluate the increasing volume of malware and create a single workflow to reverse engineer samples and determine how to effectively block viruses.

Metascan uses customized logic based on scan results, file type or other factors to determine which files should be sent to GFI SandBox for deeper investigation. Using dynamic malware analysis, GFI SandBox then provides detailed information about the risk of the specified files. This workflow is particularly beneficial for researchers interested in looking more closely at suspicious files not yet detected as threats by any commercial antivirus engines.

To learn more about Metascan, visit http://www.opswat.com/products/metascan. To learn more about GFI Sandbox, visit www.gfi.com/malware-analysis-tool, send email to ATG@gfi.com or call 855-443-4284.

GFI will be demonstrating GFI SandBox 4.0 and its latest enhancements for security professionals at booth #631 at Black Hat USA 2012 from July 25-26 in Las Vegas.

About GFI GFI Software provides web and mail security, archiving and fax, networking and security software and hosted IT solutions for small to medium-sized businesses (SMB) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMBs, GFI satisfies the IT needs of these organizations on a global scale. The company has offices in the United States, UK, Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold ISV Partner.

About OPSWAT, Inc. Founded in 2002, OPSWAT is the industry leader in software management SDKs, interoperability certification and multiple-engine malware scanning solutions. With both software manageability and multi-scanning products, OPSWAT offers simplified and comprehensive SDKs that reduce time and costs for your engineering and testing teams. OPSWAT delivers: OESIS Framework, an open development framework that enables software engineers to develop products that manage thousands of third-party software applications; Multiple antivirus engine scanning products including Metascan (try the demo at www.metascan-online.com); Secure Virtual Desktop, a sandboxing solution for secure and private web browsing; AppRemover, a free utility that enables the complete uninstallation of security applications; and GEARS, a white-labeled, cloud-based solution for monitoring and managing computers, servers, and switches.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web