Actionable Intelligence for Malware Defense.

Products & Solutions » Products » Malware Analysis (MAG2)
Malware Analysis (MAG2)

Malware Analyzer G2 – Automated Malware Analysis

Advanced threat intelligence with automated malware analysis powered by Norman Shark SandBox® and IntelliVM

The Norman Shark Malware Analyzer G2 provides industry-leading Hybrid SandBoxing, technology that enables IT and security teams to run suspicious artifacts through the Norman Shark SandBox®, and concurrently analyze the code in Norman Shark’s virtualized IntelliVM modules.  Norman Shark’s Hybrid SandBoxing combines the traditional emulated sandbox with IntelliVM technology for comprehensive malware threat analysis.  The dynamic malware analysis capabilities of the MAG2 product s are unmatched by any other products.

Malware Analyzer Benefits

  • Powerful Data Mining and Threat Assessment – Hybrid SandBoxing produces intelligence unmatched by any other solution
  • Web-Based Analysis Desktop management dashboard console. Users can search the malware intelligence and collection database, storing samples, reports, and events
  • Scalable Architecture – Process hundreds of thousands of files per day with parallel sample processing
  • Rapid Deployment – Integrates into many different environments and workflows with flexible APIs
  • Ease of Use – Drill-down to effortlessly generate the intelligence of a seasoned reverser for more advanced risk assessment
  • Flexible Reporting – Customizable intelligence reports with real-time incident alerting

Malware Analyzer Features

  • G2 Malware Analysis Framework – Detects unknown and advanced threats
  • Norman Shark IntelliVM – Offers greater control over test environments and structured storage of samples for superior behavioral analysis
  • Norman Shark SandBox – Offering multiple profiles, Norman Shark’s patented SandBox is a proven weapon against cyber threats
  • Code Interrogator Pattern Matching - Transfer existing analysis expertise to automatically compute custom risk scores
  • Supports multiple VMs with Windows XP® and Windows 7® base OSes, and unlimited software configurations
  • Plugin architecture allows environment preparation, execution control, post-processing analysis and data collection using Python scripts
  • RESTful API (RAPI) allows integration into many different environments and workflows
  • Scan files from a website based on URLs

Superior Malware Analysis with IntelliVM

Norman Shark has taken malware analysis to the next level with a hybrid sandboxing model. By integrating the latest virtualization technology with the Norman Shark SandBox, Norman Shark has combined the benefits of code emulation with VM introspection to offer unmatched threat intelligence.

IntelliVM images can be fully customized, giving analysts the ability to analyze any threat type, in any version of any application they choose. IntelliVM can be tailored to match your organizations desktop environments, gathering intelligence on malware targeting your environment and specific application vulnerabilities. > Read More

Hybrid SandBox

Norman Shark SandBox®, a pro-active anti-malware technology,  is a fully emulated Windows environment clone for simulating code execution, built to fight cyber threats. The operating system, software, system hardware, and network are all simulated, unlike any other tool on the market. Focused on analyzing malicious threats, Norman Shark Sandbox enables quick adaptation to the changing threat landscape. > Read More

Comprehensive Malware Defense with Norman Shark Network Protection

When the Malware Analyzer G2 (MAG2) is deployed with Norman Shark Network Protection(NNP), the interception and discovery of malicious files in your network is simplified.  NNP collects files on the wire, detects known malware and delivers payloads from unknown threats to the MAG2 for deep malware analysis. Once analysis is completed in MAG2, security teams have actionable intelligence to remediate the damage from the malware. In addition, MAG2 provides NNP with detection criteria for the malware so that future attacks can be blocked.

blue_arrow
“In today’s climate of persistent threats, network defense alone is no longer enough. In order to protect networks from the proliferation of targeted attacks and unknown threats, analysts need dynamic malware intelligence capabilities that allow them to respond quickly in the event of an incursion.”