July 19, 2012 - 12:00
Pre-configured sandbox appliance helps businesses combat the growing threat from advanced persistent threats and targeted cyber attacks
GFI Software in collaboration with OPSWAT Inc., a leader in multi-engine malware scanning solutions, today announced the launch of a dynamic malware analysis solution that combines OPSWAT’s Metascan® and GFI’s GFI SandBox™ on one integrated appliance. The synergy of these two products and the plug-and-play nature of the new appliance will make dynamic malware analysis more accessible to cyber-security professionals who are tasked with defending against advanced persistent threats (APT), targeted attacks and sophisticated malware like Flame.
The Metascan + GFI SandBox solution is ideal for malware researchers in the defense, healthcare, energy and financial services industries. It saves time, costs and resources for teams analyzing malware samples. The Metascan + GFI SandBox solution uses high speed multi-scanning to reduce the volume of files that need to undergo exhaustive analysis, then uses advanced sandboxing technology to provide a layer of malware analysis beyond signature and heuristic-based detection.
“Antivirus solutions alone are no longer a sufficient shield against the massive volume of sophisticated attacks today’s organizations face,” said Julian Waits, vice president, Advanced Technology Group, GFI Software. “While many threats are caught by antivirus solutions, advanced persistent threats frequently go undetected, highlighting the importance for enterprises to deploy a sandbox that can assess any suspect file for malicious behavior.”
Metascan uses more than 20 antivirus engines, including GFI VIPRE®, to increase zero-hour detection rates for all types of malware without the hassle of licensing, modifying, and maintaining multiple antivirus engines. All engines integrated into Metascan products are optimized to scan simultaneously for fast, high performance scanning.
“Metascan combines the malware scanning capabilities of the leading commercial antivirus engines to provide the security industry’s premier multi-scanning tool,” said Benny Czarny, CEO at OPSWAT. “With this new collaboration with GFI, the scanning power of Metascan will be further enhanced by integrating GFI SandBox to enable deeper sample analysis. Metascan + GFI SandBox customers will have an optimal workflow to quickly and efficiently assess targeted attacks and other threats.”
GFI SandBox is one of the industry’s leading malware analysis solutions. It enables users to test files and URLs for potential threats within a controlled environment so they can deploy and implement appropriate defenses when advanced malware and sophisticated cyber-attacks are discovered. GFI SandBox 4.0 was recently upgraded with a new Malware Determination Engine that provides users with risk levels of “Low”, “Medium”, “High” or “Known” for each potential malware sample analyzed. By combining Metascan with the GFI Sandbox Malware Determination Engine, security teams can more efficiently evaluate the increasing volume of malware and create a single workflow to reverse engineer samples and determine how to effectively block viruses.
Metascan uses customized logic based on scan results, file type or other factors to determine which files should be sent to GFI SandBox for deeper investigation. Using dynamic malware analysis, GFI SandBox then provides detailed information about the risk of the specified files. This workflow is particularly beneficial for researchers interested in looking more closely at suspicious files not yet detected as threats by any commercial antivirus engines.
To learn more about Metascan, visit http://www.opswat.com/products/metascan. To learn more about GFI Sandbox, visit www.gfi.com/malware-analysis-tool, send email to ATG@gfi.com or call 855-443-4284.
GFI will be demonstrating GFI SandBox 4.0 and its latest enhancements for security professionals at booth #631 at Black Hat USA 2012 from July 25-26 in Las Vegas.
GFI Software provides web and mail security, archiving and fax, networking and security software and hosted IT solutions for small to medium-sized businesses (SMB) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMBs, GFI satisfies the IT needs of these organizations on a global scale. The company has offices in the United States, UK, Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold ISV Partner.
About OPSWAT, Inc.
Founded in 2002, OPSWAT is the industry leader in software management SDKs, interoperability certification and multiple-engine malware scanning solutions. With both software manageability and multi-scanning products, OPSWAT offers simplified and comprehensive SDKs that reduce time and costs for your engineering and testing teams. OPSWAT delivers: OESIS Framework, an open development framework that enables software engineers to develop products that manage thousands of third-party software applications; Multiple antivirus engine scanning products including Metascan (try the demo at www.metascan-online.com); Secure Virtual Desktop, a sandboxing solution for secure and private web browsing; AppRemover, a free utility that enables the complete uninstallation of security applications; and GEARS, a white-labeled, cloud-based solution for monitoring and managing computers, servers, and switches.