Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Automatic bulk malware analysis for virus researchers

Sunbelt Software : 30 July, 2009  (New Product)
The next release of CWSandbox from Sunbelt Software will carry enhancements in behavioural analysis for improving the effectiveness of analysts and IT security engineers
Sunbelt Software has announced the forthcoming availability of the next version of the industry's premier automated malware analysis tool, CWSandbox. Sunbelt also announced the availability of its Exploit Feed, a new component to its Threat Track data service which provides customers with the industry's most accurate and up-to-date feeds, identifying and propagating to researchers the latest malicious URLs and malware. Both offerings rely on the world-class research efforts of SunbeltLabs, the malware research and analysis division of Sunbelt Software.

CWSandbox is an automated behaviour analysis tool that uses unique technology for the automatic detection of malware. The forthcoming release of CWSandbox v3.0 will give researchers the ability to compare multiple analyses for differences and similarities, allow them to send malware samples to multiple sandbox configurations and centrally manage the process. Unlike other malware analysis tools on the market today, CWSandbox provides true automation and gives those on the front lines of cyber-defence the ability to analyse in bulk and save crucial time.

Security researchers will have the ability to compare simultaneously how malware operates in a variety of environments. By using this sophisticated analysis, enterprises can put security best practices in place to account for how malware behaves differently on varied desktop configurations within their networks. This provides proactive protection against targeted threats.

"Sunbelt has a long history of marrying its endpoint anti-malware tools with state-of-the-art threat research," said Chad Loeven, VP, business development for Sunbelt Software. "Cooperation and sharing of such research in the security community is essential for the timely protection of businesses, federal agencies and consumers against the rising tide of malware attacks. SunbeltLabs is continually improving its world-class research methods in order to lead the effort to keep the bad guys out."

To that end, Sunbelt introduces a new Exploit Feed, one of the vital data streams maintained by SunbeltLabs and now part of the Threat Track service. The Exploit Feed tracks URLs deemed to be malicious based on a set of behaviour and code traits, and is updated continuously, identifying links to exploits before users can become infected. The URLs are passed through an array of "honeyclients" configured to detect any malicious activity.

Data captured by the Exploit Feed include files dropped by the URL, other URLs involved in the exploit process, code containing the actual exploit, and an XML behaviour analysis report of the browser and all related malware processes. The Exploit Feed, in conjunction with the other feed components of Threat Track, is heterogeneous in nature and can be incorporated into cloud, gateway and desktop Web security solutions.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo