STRATEGIC BUSINESS PARTNERS

Platin Bilişim cooperates with the strongest, leading brands. Our goal is not only to stand out from our rivals through our certified and capable engineering staff, but also to provide end-to-end IT security products and services for our customers.

Malware Analysis Appliance - ATP

Blue Coat Malware Analysis is a key component of Blue Coat’s Advanced Threat Protection solution. Integrated with Blue Coat Content Analysis, Blue Coat Mail Threat Defense or Blue Coat Security Analytics, it provides a highly scalable solution for detecting and analyzing unknown, advanced, and targeted malware. It also uses specialized virtual environments for anomaly detection.

This adaptive and customizable sandbox solution delivers enterprise-class, comprehensive malware detonation and analysis using a unique, dual-detection approach to quickly analyze suspicious files and URLs, interact with running malware to reveal its complete behavior, and expose zero-day threats and unknown malware.

Expose More Malicious Behavior

Malware Analysis utilizes a powerful dual-detection approach that combines virtualization and emulation to capture more malicious behavior across a wider range of custom environments than typical consolidated single-sandbox solutions.

  • Emulation Sandbox: An instrumented, fully controlled, replicated PC computing environment emulates Windows systems to detect malware that otherwise will not detonate within a virtualized environment.
  • Virtualization Sandbox: Custom analysis profiles replicate actual Windows production environments, down to the applications and versions in use, to quickly spot anomalies and behavioral differences that unveil anti-analysis, sleep, and other advanced evasion techniques.

A virtualized Android sandbox detects and analyzes mobile threats traversing enterprise networks.

Multiple Detection Techniques

Malware Analysis uses a combination of static and dynamic analysis techniques that employ standard, custom, and open source YARA patterns to unmask cleverly disguised malware. It detects packed malware and VM-aware samples that alter their behavior in an artificial environment, plus malware that attempts to wait out any sandbox analysis using short or long sleeps.

Defeat Anti-Analysis at Many Levels

Anti-analysis defeating tools – such as hook-based introspection, high-level and low-level event capture, and detection in both kernel and user modes – intercept and convert behavior into detailed forensic intelligence.

Interact with Running Malware

A flexible plug-in architecture extends detection and processing by interacting with running malware, clicking through dialog boxes and installers, and generating unique post-processing analysis artifacts.

Generate More Relevant Results

Virtual machine profiles replicate multiple custom production environments, allowing security analysts to analyze threats across a range of operating systems and applications. They can closely match their organizations’ desktop environments, gathering intelligence on malware targeting their organizations directly or seeking to exploit specific application vulnerabilities.

Customize Detection and Risk Scoring

Detection criteria, analysis parameters, firewall settings, and risk scoring can all be customized to add flexibility, unique detection, and fast response capabilities when analyzing non-traditional and targeted malware in unique production environments.

Adaptive Intelligence for Changing Threats

Since Malware Analysis does not rely on static signatures, its flexible detection patterns are designed to detect polymorphic files, single-use targeted malware, and fast-changing website domains.

Detailed Forensics for Remediation

Blue Coat sandboxing technology provides security defenders a comprehensive map of the damage – including both host-based and network indicators of compromise – that any malicious file or URL would cause to equivalently configured production machines without putting actual computers or sensitive data at risk.

Share Threat Intelligence

As unknown, advanced, or targeted malware and zero-day threats are exposed, the previously unseen or uncategorized threats are shared across the security infrastructure with the Blue Coat Global Intelligence Network, a network effect of our 15,000 customers worldwide.

Inoculation for Forward Defenses

Malware Analysis turns unknown threats into known threats and shares threat data with others across the global network, improving the effectiveness of front-line defenses such as Blue Coat ProxySG secure web gateways by moving protection forward to the perimeter where blocking will take place for subsequent attacks.
