Safely execute and analyze malware in a secure environment
Advanced malware is part of advanced, persistent cyber threats that act in a coordinated fashion to penetrate an organization’s defenses and establish a long-term foothold in the network. Malware analysis is an important part of preventing and detecting future cyber attacks. Using malware analysis tools, cyber security experts can analyze the attack lifecycle and glean important forensic details to enhance their threat intelligence.
Malware Analysis products provide a secure environment to test, replay, characterize, and document advanced malicious activities. Malware Analysis shows the cyber attack lifecycle, from the initial exploit and malware execution path to callback destinations and follow-on binary download attempts.
Benefits of Malware Analysis
Gain insight into cyber attacks to lower business risk:
- Inform future prevention strategies by providing deeper insight into attacker tools and tactics
- Stop the spread of attacks using auto-generated local attack profiles, instantly shared across the FireEye ecosystem
Automated analysis to improve efficiency:
- Load suspicious files or file sets through a simple interface
- Identify signature-less (never-seen-before) malware
- Integrate with antivirus products for deeper inspection of known malware
Single-test environment for Windows and Mac OS X:
- Host both Microsoft Windows and Mac OS X virtual machines in a customized hardened hypervisor
- Eliminate the cost and overhead of creating and maintaining multiple test configurations
- Automate setup, baselining and restoration of virtual machines to match actual OS usage
HIGHLIGHTS
As cyber criminals tailor attacks to penetrate a specific business, user account, or system, analysts need easy-to-use forensic tools that help them rapidly address targeted malicious activities. Aspire uses a group of forensic analysis platforms that give security analysts hands-on control over powerful auto-configured test environments to safely execute and inspect advanced malware, zero-day and advanced persistent threat (APT) attacks embedded in web pages, email attachments and files.
- Performs deep forensic analysis through the full attack life cycle, using the FireEye MVX engine
- Streamlines and batches analysis of suspicious web code, executables and files
- Reports in-depth on system-level OS and application changes to file systems, memory and registries
- Offers live-mode or sandbox analysis to confirm zero-day exploits
- Dynamically generates threat intelligence for immediate local protection via integration with the FireEye Central Management (CM) platform
- Captures packets to allow analysis of malicious URL sessions and code executions
- Includes the FireEye AV-Suite to streamline incident response prioritization
- Includes support for Windows and Mac OS X environments