Smarter Malware Analysis

Introducing MetaDefender Malware Analyzer and OPSWAT Sandbox

Security teams need better detection and analysis capabilities to reduce the likelihood and potential impact of cyberattacks. Yet they face shortages of skilled cybersecurity staff, too many tools, and broken processes which inhibit their effectiveness in detecting and responding to advanced and targeted attacks.

In response to these challenges, OPSWAT has introduced two new solutions, MetaDefender Malware Analyzer and OPSWAT Sandbox, designed to reduce the overhead associated with manual analysis, remove the need for specialized skills, and break down the silos across disparate tools and disjointed workflows.

These solutions work together to make malware analysis smarter, resulting in faster and more accurate outcomes with less manual effort. MetaDefender Malware Analyzer provides a single, fully integrated framework to address malware tool integration, analysis orchestration, playbook automation, and consolidated reporting across numerous analysis tools. And with the OPSWAT Sandbox available either standalone or as an integrated component of Malware Analyzer, security teams have at their disposal the best available dynamic analysis capabilities, supporting both IT-based and OT-based file analysis.

Let’s drill into what’s new with these solutions.

Integration Framework

To maximize the value of existing security tools and make them accessible for use in analysis workflows, each tool is connected either via a pre-existing integration or through REST APIs. Each integration connector is treated as an object and can be dropped into a workflow and executed as part of an automated playbook.

Native Analysis Technologies

Not only can third-party malware analysis tools be integrated into Malware Analyzer, but several OPSWAT MetaDefender technologies supporting static and dynamic analysis are also provided natively in the solution.

  • OPSWAT Multiscanning

As a key component of the MetaDefender platform, OPSWAT Multiscanning leverages multiple anti-malware engines from leading third-party providers to deliver higher detection rates.

  • OPSWAT Sandbox

The OPSWAT Sandbox provides the industry’s leading dynamic analysis capabilities in support of protecting critical infrastructure – including both IT and OT-based environments. By employing the latest technology innovations from SNDBOX.com, a company acquired by OPSWAT in 2021, OPSWAT Sandbox generates results 3 times faster than legacy sandboxes, with more accurate results derived through artificial intelligence (AI).

Visual Workflows and Playbooks

Malware Analyzer provides analysts with a visual, canvas-like environment in which they simply drag and drop the desired analysis technologies into a graphical workflow. These workflows can be executed as automated playbooks to ensure that the right analysis is completed for the right types of threats and environments.

Local Indicator Repository

The resulting dataset of malware behaviors gathered through the analysis workflow is consolidated via an on-premises or private cloud indicator repository which is compatible with the Malware Information Sharing Platform (MISP).

Single, Integrated Framework

From one console, analysts and responders have all the resources they need to quickly analyze and investigate malware or suspicious files without requiring a deep knowledge of all the tools available. Malware Analyzer allows teams to simply select their analysis playbook, submit the file, and then review the results regardless of the number of tools involved, whether one or dozens of separate tools.

These two new OPSWAT solutions are now available. For additional information or a demonstration, please contact an OPSWAT representative.

Release Details

  • Product: MetaDefender Malware Analyzer
  • Version: 1.4.1
  • Release Date: 19 January 2022
  • Product: OPSWAT Sandbox
  • Version: 1.1.3
  • Release Date: 15 February 2022