Identification of advanced and zero-day malware
NetWitness, a provider of the enterprise standard in network monitoring, has said that it will unveil Spectrum, an automated malware analysis offering, at the RSA Security Conference.
The new Spectrum replicates the knowledge, process, and workflow of malware analysts to enable the identification of advanced and zero-day malware.
The new offering mimics the techniques of other malware analysts by asking questions about an object and all of its related network behavior, without requiring a signature or a known bad action.
In addition, the new offering leverages the company’s Live by fusing and triangulating information from leading threat intelligence and reputation services to assess, score, and prioritise risks.
The malware analysis offering utilises NetWitness NextGen’s pervasive network monitoring capability for network visibility and extraction of all content across all protocols and applications.
NetWitness chief technology officer Tim Belcher said previous products that attempted to identify zero-day malware implemented black box methodologies that rely on accurate threat intelligence to target a very limited sample pool to a singular form of malware analysis.
"Spectrum transparently delivers NetWitness’ pervasive real-time monitoring along with a diverse range of potent analytic methods," Belcher said.