Dark Reading
Products and Releases

GFI Software And OPSWAT Bring Easy-To-Deploy, Advanced Malware Analysis To The Enterprise

Preconfigured sandbox appliance helps businesses combat the growing threat from advanced persistent threats and targeted cyberattacks

CLEARWATER, Fla., July 19, 2012 /PRNewswire/ -- GFI Software in collaboration with OPSWAT Inc., a leader in multi-engine malware scanning solutions, today announced the launch of a dynamic malware analysis solution that combines OPSWAT's Metascan® and GFI's GFI SandBox™ on one integrated appliance. The synergy of these two products and the plug-and-play nature of the new appliance will make dynamic malware analysis more accessible to cyber-security professionals who are tasked with defending against advanced persistent threats (APT), targeted attacks and sophisticated malware like Flame.


The Metascan + GFI SandBox solution is ideal for malware researchers in the defense, healthcare, energy and financial services industries. It saves time, costs and resources for teams analyzing malware samples. The Metascan + GFI SandBox solution uses high speed multi-scanning to reduce the volume of files that need to undergo exhaustive analysis, then uses advanced sandboxing technology to provide a layer of malware analysis beyond signature and heuristic-based detection.

"Antivirus solutions alone are no longer a sufficient shield against the massive volume of sophisticated attacks today's organizations face," said Julian Waits, vice president, Advanced Technology Group, GFI Software. "While many threats are caught by antivirus solutions, advanced persistent threats frequently go undetected, highlighting the importance for enterprises to deploy a sandbox that can assess any suspect file for malicious behavior."

Metascan uses more than 20 antivirus engines, including GFI VIPRE®, to increase zero-hour detection rates for all types of malware without the hassle of licensing, modifying, and maintaining multiple antivirus engines. All engines integrated into Metascan products are optimized to scan simultaneously for fast, high performance scanning.

"Metascan combines the malware scanning capabilities of the leading commercial antivirus engines to provide the security industry's premier multi-scanning tool," said Benny Czarny, CEO at OPSWAT. "With this new collaboration with GFI, the scanning power of Metascan will be further enhanced by integrating GFI SandBox to enable deeper sample analysis. Metascan + GFI SandBox customers will have an optimal workflow to quickly and efficiently assess targeted attacks and other threats."

GFI SandBox is one of the industry's leading malware analysis solutions. It enables users to test files and URLs for potential threats within a controlled environment so they can deploy and implement appropriate defenses when advanced malware and sophisticated cyber-attacks are discovered. GFI SandBox 4.0 was recently upgraded with a new Malware Determination Engine that provides users with risk levels of "Low", "Medium", "High" or "Known" for each potential malware sample analyzed. By combining Metascan with the GFI Sandbox Malware Determination Engine, security teams can more efficiently evaluate the increasing volume of malware and create a single workflow to reverse engineer samples and determine how to effectively block viruses.

Metascan uses customized logic based on scan results, file type or other factors to determine which files should be sent to GFI SandBox for deeper investigation. Using dynamic malware analysis, GFI SandBox then provides detailed information about the risk of the specified files. This workflow is particularly beneficial for researchers interested in looking more closely at suspicious files not yet detected as threats by any commercial antivirus engines.

To learn more about Metascan, visit http://www.opswat.com/products/metascan. To learn more about GFI Sandbox, visit www.gfi.com/malware-analysis-tool, send email to [email protected] or call 855-443-4284.

GFI will be demonstrating GFI SandBox 4.0 and its latest enhancements for security professionals at booth #631 at Black Hat USA 2012 from July 25-26 in Las Vegas.

About GFI

GFI Software provides web and mail security, archiving and fax, networking and security software and hosted IT solutions for small to medium-sized businesses (SMB) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMBs, GFI satisfies the IT needs of these organizations on a global scale. The company has offices in the United States, UK, Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold ISV Partner.

About OPSWAT, Inc.

Founded in 2002, OPSWAT is the industry leader in software management SDKs, interoperability certification and multiple-engine malware scanning solutions. With both software manageability and multi-scanning products, OPSWAT offers simplified and comprehensive SDKs that reduce time and costs for your engineering and testing teams. OPSWAT delivers: OESIS Framework, an open development framework that enables software engineers to develop products that manage thousands of third-party software applications; Multiple antivirus engine scanning products including Metascan (try the demo at www.metascan-online.com); Secure Virtual Desktop, a sandboxing solution for secure and private web browsing; AppRemover, a free utility that enables the complete uninstallation of security applications; and GEARS, a white-labeled, cloud-based solution for monitoring and managing computers, servers, and switches.
