RESTON, Va., July 14, 2016 /PRNewswire/ -- ThreatTrack Security today announced enhancements to its dynamic malware analysis sandbox, ThreatAnalyzer®, that accelerate the detection of and response to zero-day threats, targeted attacks and other unknown malware. ThreatAnalyzer 6.1 introduces a new behavioral detection engine that accurately assesses files and URLs to determine if they are malicious, seamlessly integrates with ThreatTrack's cloud-based threat intelligence service, and offers a YARA-based rules engine to provide analysts with more granular control over their sandbox environments.
"New malware threats emerge every day, and their level of sophistication and ability to breach networks undetected is growing at an alarming rate," said ThreatTrack Chief Product Officer Usman Choudhary. "Organizations dealing with a lot of malware – especially those in highly targeted sectors like government, healthcare, finance and education – must not only identify malware evading traditional defenses but also better understand what those threats can do to their network. ThreatAnalyzer 6.1 provides even greater insight into those threats, offering actionable intelligence organizations use to more quickly and accurately respond to incidents."
ThreatAnalyzer – Revealing the True Nature of Malware
ThreatAnalyzer uniquely enables organizations to recreate their entire application stack – including virtual and native systems – in a controlled environment where they can detonate malicious code and discover how it will behave on their networks. With the new capabilities of ThreatAnalyzer 6.1, organizations not only accelerate their discovery of known and unknown malware, but also gain a much deeper view into what these threats can do and their potential impact.
Key enhancements in ThreatAnalyzer 6.1 include:
New behavioral detection engine – Incorporating a proprietary machine learning algorithm, the new engine searches for indicators of compromise and compares activity with the behaviors associated with millions of previously analyzed malware samples in order to quickly and accurately identify new and unknown threats. ThreatAnalyzer doesn't just issue generic alerts (which put the onus of identification on security personnel), but rather automatically determines whether a potential threat is real and what risk it presents so incident response teams can react quickly.
Integration with cloud-based threat intelligence – Integration with ThreatTrack's cloud-based threat intelligence service, ThreatIQ, provides customers with a constant stream of malicious URLs and IP addresses, suspected malicious files, phishing links and other malware data processed by ThreatTrack's labs. The behavior of malware processed by ThreatAnalyzer is recorded and checked against ThreatIQ to strengthen an organization's ability to positively identify threats.
YARA-based rules engine – New multi-platform, open-source YARA rules can be seamlessly integrated into ThreatAnalyzer to help researchers more effectively identify malware, import rules from other systems, and write and share rules.
Anti-forensic controls – Modern cybercriminals put a great deal of effort into avoiding detection and, consequently, malware has become much more effective at recognizing when it is in a sandbox or virtual environment and changing its behavior accordingly. New built-in anti-forensic controls nullify many of these evasive countermeasures, ensuring accurate assessment of sophisticated VM-aware malware.
About ThreatTrack Security Inc.
ThreatTrack Security specializes in helping organizations identify and stop Advanced Persistent Threats (APTs), targeted attacks and other sophisticated malware designed to evade the traditional cyber defenses deployed by enterprises and government agencies around the world. With more than 300 employees worldwide and backed by Insight Venture Partners and Bessemer Venture Partners, the company develops advanced cybersecurity solutions that Expose, Analyze and Eliminate the latest malicious threats, including its ThreatSecure advanced threat detection and remediation platform, ThreatAnalyzer malware behavioral analysis sandbox, ThreatIQ real-time threat intelligence service, and VIPRE business antivirus endpoint protection. Learn more at www.ThreatTrack.com.