Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

2/17/2016
04:54 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ThreatTrack Releases Its Next-Generation Malware Analysis Sandbox

ThreatAnalyzer 6.0 enables enterprises and government agencies to discover and respond to advanced malware evading their signature-based defenses

Reston, Va. – Feb. 2, 2016 – ThreatTrack Security today launched ThreatAnalyzer® 6.0, the next evolution of the company’s fully customizable malware analysis sandbox. With malware increasingly developed with multiple layers of obfuscation and detection-evasion capabilities, ThreatAnalyzer (formerly CW Sandbox and GFI Sandbox) has been reengineered to expose these advanced threats and enable enterprises to quickly and accurately respond to discovered malware.

“As the first sandbox to market, ThreatAnalyzer has long been recognized as a leader in malware analysis, providing a complete view of every aspect of malicious code and its impact to the organization,” said Usman Choudhary, chief product officer at ThreatTrack. “With ThreatAnalyzer 6.0, we’ve significantly raised the bar with a more intuitive and powerful enterprise-class solution that gives analysts the customized controls they need to dig deeper into their environment to uncover and profile advanced malware attacks.”

ThreatAnalyzer enables organizations to recreate their entire application stack – including virtual and native environments – in which to detonate malicious code and discover how malware will behave on their networks. It can be deployed as a stand-alone solution or in conjunction with existing advanced threat detection platforms.

“The growing sophistication of custom malware and multi-staged attacks has made sandboxing environments an important tool that malware analysts need to understand these complex attacks,” said Robert Westervelt, security products research manager at IDC Corporation. “The behavioral patterns and other information gained from analyzing malware behavior helps provide the context needed to identify common attack vectors, innovative intrusion techniques and attacker movement within a corporate network.”

ThreatAnalyzer 6.0 introduces a number of enhancements, including:

  • Greater intuitive investigation – Balancing the need for simplicity with in-depth analysis, ThreatAnalyzer offers a streamlined interface that presents the most pertinent information at the top level while giving malware analysts the ability to quickly drill into the data to look for behavioral similarities, differences or unique characteristics – all from a single pane. 
  • Improved insight into malware processes – Server-side processing that incorporates a rich data structure and taxonomy enables ThreatAnalyzer to discover and capture interdependencies while preserving attribution. The ability to automatically determine file types for samples with incorrect extensions lets analysts capture and analyze previously unprocessed malware.
  • Real-time exploration of multi-stage malware – Support of client-side plugins provides fine-grained, customized controls so analysts can interact with malware in progress and dynamically change the parameters or create rules that trigger different behaviors. By simulating various scenarios with the malware as it executes, analysts are able to quickly understand the true nature of a multi-stage attack and how it would unfold in their environments – from infection vector to payload execution.
  • Enhanced visibility into risks – Fully integrates malware assessments from VirusTotal, which checks for viruses against dozens of leading antivirus engines, with its own behavioral risk analysis to provide a comprehensive view of risk – for instance, flagging malware that may pose no threat to the user’s current custom environment but would trigger an attack under other circumstances.
  • Extended platform support – Increased deployment options through the support of additional virtual environments and the introduction of an easily deployed virtual appliance makes it easier than ever to install and use ThreatAnalyzer.

Try ThreatAnalyzer Free for 30 Days

To learn more about ThreatAnalyzer 6.0, visit www.ThreatTrackSecurity.com, call +1 855-885-5566 or send an email to [email protected]. Experience ThreatAnalyzer firsthand by starting a 30-day free trial at http://www.threattracksecurity.com/threatanalyzer-virtual-trial.aspx

See it at RSA

ThreatTrack will be demonstrating ThreatAnalyzer at RSA Conference 2016 in booth #S1221, Feb. 29 – March 3. To meet with ThreatTrack and/or schedule a demo, contact Jarred LeFebvre at [email protected] threattrack.com.

About ThreatTrack Security Inc.
ThreatTrack Security specializes in helping organizations identify and stop Advanced Persistent Threats (APTs), targeted attacks and other sophisticated malware designed to evade the traditional cyber defenses deployed by enterprises and government agencies around the world. With more than 300 employees worldwide and backed by Insight Venture Partners and Bessemer Venture Partners, the company develops advanced cybersecurity solutions that Expose, Analyze and Eliminate the latest malicious threats, including its ThreatSecure advanced threat detection and remediation platform, ThreatAnalyzer malware behavioral analysis sandbox, ThreatIQ real-time threat intelligence service, and VIPRE business antivirus endpoint protection. Learn more at www.ThreatTrackSecurity.com.

 

# # #

Disclaimer

Copyright © 2016 ThreatTrack Security, Inc. All rights reserved. All other trademarks are the property of their respective owners. To the best of our knowledge, all details were correct at the time of publishing; this information is subject to change without notice

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-25382
PUBLISHED: 2021-04-23
An improper authorization of using debugging command in Secure Folder prior to SMR Oct-2020 Release 1 allows unauthorized access to contents in Secure Folder via debugging command.
CVE-2021-26291
PUBLISHED: 2021-04-23
Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be t...
CVE-2021-31607
PUBLISHED: 2021-04-23
In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function...
CVE-2021-31597
PUBLISHED: 2021-04-23
The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized (when the property exists but is undefined) is considered to be false within the https.request function of Node.js. In other words, no certificate is ever rejected.
CVE-2021-2296
PUBLISHED: 2021-04-22
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...