Sunbelt Software Unveils Updated Security Services

Upcoming CWSandbox enhancements allow security providers to automate bulk malware analysis; Exploit Feed adds to Threat Track portfolio

July 30, 2009

3 Min Read


LAS VEGAS, July 29 /PRNewswire/ -- Black Hat 2009 -- Sunbelt Software, a leading provider of Windows security software, today announced the upcoming availability of the next version of the industry's premier automated malware analysis tool, CWSandbox(TM). Sunbelt also announced the availability of its Exploit Feed, a new component to its Threat Track(TM) data service which provides customers with the industry's most accurate and up-to-date feeds, identifying and propagating to researchers the latest malicious URLs and malware. Both offerings rely on the world-class research efforts of SunbeltLabs(TM), the malware research and analysis division of Sunbelt Software.

CWSandbox is an automated behavior analysis tool that leverages unique technology for the automatic detection of malware. The forthcoming release of CWSandbox v3.0 will give researchers the ability to compare multiple analyses for differences and similarities, and allow them to send malware samples to multiple sandbox configurations and centrally manage the process. Unlike other malware analysis tools on the market today, CWSandbox provides true automation and gives those on the front lines of cyber-defense the ability to analyze in bulk and save crucial time.

Security researchers will have the ability to compare simultaneously how malware operates in a variety of environments. By leveraging this sophisticated analysis, enterprises can put security best practices in place to account for how malware behaves differently on varied desktop configurations within their networks and proactively protect against targeted threats.

"Sunbelt has a long history of marrying its endpoint anti-malware tools with state-of-the-art threat research," said Chad Loeven, VP, business development for Sunbelt Software. "Cooperation and sharing of such research in the security community is essential for the timely protection of businesses, federal agencies and consumers against the rising tide of malware attacks. SunbeltLabs is continually improving its world-class research methods in order to lead the effort to keep the bad guys out."

To that end, Sunbelt introduces a new Exploit Feed, which is one of the vital data streams maintained by SunbeltLabs, and is now part of the Threat Track service. The Exploit Feed tracks URLs deemed to be malicious based on a set of behavior and code traits, and is updated continuously, identifying links to exploits before users can become infected. The URLs are passed through an array of "honeyclients" configured to detect any malicious activity.

Data captured by the Exploit Feed include files dropped by the URL, other URLs involved in the exploit process, code containing the actual exploit, and an XML behavior analysis report of the browser and all related malware processes. The Exploit Feed, in conjunction with the other feed components of Threat Track, is heterogeneous in nature and can be incorporated into cloud, gateway and desktop Web security solutions.

Sunbelt's CWSandbox and Exploit Feed will be on display today and tomorrow in Booth #1 at Black Hat USA 2009 in Caesar's Palace, Las Vegas, Nevada. For more information on CWSandbox or Threat Track, please visit


Headquartered in Tampa Bay (Clearwater), Fla., Sunbelt Software was founded in

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights