Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

4/25/2012
01:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ValidEdge Unveils Portable Malware Intelligence System

ValidEdge MISbook 2300 can analyze up to 1,000 malware samples per day in a fully functional laptop

London, England, Infosecurity Conference─24 April 2012─ValidEdge, a wholly owned subsidiary of LynuxWorks, Inc., has unveiled a truly secure real-time malware analysis engine built into a standard laptop, delivering the power to analyze up to 1000 malware samples per day in a fully functional laptop without compromising the integrity of the laptop’s functions, data or operating system.

Housed on a standard quad-core laptop, the ValidEdge MISbook 2300 uses a military grade virtualization platform to create two secure partitions that are exclusively used to manage and run malware samples in real-time for analysis, without risk of compromising the standard Linux or Microsoft Windows operating system that is running in its own secure partition alongside.

ValidEdge Malware Intelligence Systems provide comprehensive information about new and unknown malware even when packed, encrypted and obfuscated, and the new MISbook delivers this capability in a truly portable and usable laptop. It provides malware analysts, incident response teams and Enterprise security teams with a detailed report on malware in real-time, including assembly source code, customizable warning level and information about latent payloads even when away from the office or the corporate network.

“The MISbook is in every sense a fully configured malware analysis system, but in a unique portable format allowing IT professionals to examine malware wherever they are in real-time and without having to carry a dedicated analysis system,” said Lixin Lu, CTO of ValidEdge. “The use of a truly secure virtualization platform means that any malware that is run or analyzed on the MISbook cannot escape or compromise the rest of the laptop and is a really unique feature of our implementation.”

The MISbook runs malware on a real Windows system within a secure partition, and then uses both static and dynamic analysis to get full information about the malware and its payloads. A complete simulation of all network services can be included, to capture all internet activity, and corporate images, OS versions and applications can be pre-loaded.

The ValidEdge MISbook 2300 incorporates several innovative analysis engines for classification, decryption, unpacking, reverse engineering, and combined dynamic and static analysis to fully reveal the current and potential intention of unknown malware. Its partitions provide a secure environment to expose malware, allowing responders to fully grasp the malware’s intention and learn what it was trying to target. It will also identify any logic bombs hidden in the malware waiting for a trigger to cause damage at a later time. Once the new malware has been identified, security professionals receive several detailed reports about the behavior of the malware.

Like its sibling MIS1300 appliance, the ValidEdge MISbook 2300 makes use of military grade separation-kernel technology developed by LynuxWorks to meet the highest requirement of security critical systems. This technology allows complete isolation of the Windows environment so that malware cannot penetrate and corrupt the platform while it is being analyzed.

Availability The ValidEdge MISbook 2300 is available today and being shown at stand G78 at the Infosecurity Conference, Earl’s Court, from April 24-26.

About ValidEdge ValidEdge offers the world’s first appliance with separation-kernel technology for very fast and secure malware analysis. Designed for the large financial, government and anti-virus (AV) organizations, ValidEdge purpose-built appliances complement current network and AV defenses. Led by a team experienced in building highly secure systems for mission-critical applications and knowledgeable in dismantling sophisticated malware, ValidEdge is ushering in the next generation of malware awareness. ValidEdge is a wholly owned subsidiary of LynuxWorks, Inc., a leader in safe and secure software solutions. For more information, please visit www.validedge.com

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).