Housed on a standard quad-core laptop, the ValidEdge MISbook 2300 uses a military grade virtualization platform to create two secure partitions that are exclusively used to manage and run malware samples in real-time for analysis, without risk of compromising the standard Linux or Microsoft Windows operating system that is running in its own secure partition alongside.
ValidEdge Malware Intelligence Systems provide comprehensive information about new and unknown malware even when packed, encrypted and obfuscated, and the new MISbook delivers this capability in a truly portable and usable laptop. It provides malware analysts, incident response teams and enterprise security teams with a detailed report on malware in real time, including assembly source code, customizable warning level and information about latent payloads, even when away from the office or the corporate network.
“The MISbook is in every sense a fully configured malware analysis system, but in a unique portable format allowing IT professionals to examine malware wherever they are in real-time and without having to carry a dedicated analysis system,” said Lixin Lu, CTO of ValidEdge. “The use of a truly secure virtualization platform means that any malware that is run or analyzed on the MISbook cannot escape or compromise the rest of the laptop and is a really unique feature of our implementation.”
The MISbook runs malware on a real Windows system within a secure partition, and then uses both static and dynamic analysis to get full information about the malware and its payloads. A complete simulation of all network services can be included, to capture all internet activity, and corporate images, OS versions and applications can be pre-loaded.
The ValidEdge MISbook 2300 incorporates several innovative analysis engines for classification, decryption, unpacking, reverse engineering, and combined dynamic and static analysis to fully reveal the current and potential intention of unknown malware. Its partitions provide a secure environment to expose malware, allowing responders to fully grasp the malware’s intention and learn what it was trying to target. It will also identify any logic bombs hidden in the malware waiting for a trigger to cause damage at a later time. Once the new malware has been identified, security professionals receive several detailed reports about the behavior of the malware.
Like its sibling MIS1300 appliance, the ValidEdge MISbook 2300 makes use of military grade separation-kernel technology developed by LynuxWorks to meet the highest requirement of security critical systems. This technology allows complete isolation of the Windows environment so that malware cannot penetrate and corrupt the platform while it is being analyzed.
Availability
The ValidEdge MISbook 2300 is available today and being shown at stand G78 at the Infosecurity Conference, Earl’s Court, from April 24-26.
About ValidEdge
ValidEdge offers the world’s first appliance with separation-kernel technology for very fast and secure malware analysis. Designed for the large financial, government and anti-virus (AV) organizations, ValidEdge purpose-built appliances complement current network and AV defenses. Led by a team experienced in building highly secure systems for mission-critical applications and knowledgeable in dismantling sophisticated malware, ValidEdge is ushering in the next generation of malware awareness. ValidEdge is a wholly owned subsidiary of LynuxWorks, Inc., a leader in safe and secure software solutions. For more information, please visit www.validedge.com