Malware extraction and analysis by Solera

Solera Networks announced the latest enhancement to its DeepSee platform – the Real-Time File Extractor, which enables immediate, automatic identification and alerting of advanced and zero-day threats. In addition, by integrating with malware detection and analysis systems, the DeepSee platform enables organizations to leverage existing tools to respond faster and more accurately to attacks.

The Solera Real-Time File Extractor delivers a host of new capabilities, including:

• Actionable, real-time file extraction – Highly configurable, policy-driven extraction based on geo-location or Deep Packet Inspection (DPI) attributes such as transport protocol, file extension or mime-type.
• Continuous detection of all network traffic – Upon extraction, configurable actions include hash calculations and indexing, reputation checks, submission to indexers or search engines, or presentation to local or cloud-based malware analysis tools.
• Instantaneous presentation of artifacts – Artifact information becomes instantly available and browsable within Solera’s high-performance database, Solera DB.
• Policy-based, alert-triggered extraction technology – Easily automate the analysis of today’s most common threat vectors: PE (portable executable) files, PDFs, Javascript, Java JAR files, Flash and Microsoft OLE documents.
• Cost-effective, extensible protection of remote/branch offices – Security intelligence and forensics platform enabling the identification and alerting of advanced malware and threats at distributed locations and offices, as well as both physical and virtual network environments.

Today’s targeted attacks are executed using advanced, low-lying and multi-vector malware that propagates beyond the view of traditional security products, breaching even the best-defended networks. Protecting organizations from the damaging effects of these targeted attacks requires advanced Network Intelligence and Forensics to see, identify and know everything happening on the network. Solera’s Real-Time File Extractor technology elevates malware inspection analysis and data-loss detection capabilities to a new, unmatched level.

“At the most basic level, we are in a constant battle to keep the “bad stuff out’ of and the “good stuff in’ our information systems. Since such events tend to involve files, the ability to recompose files in real-time and to dispatch them to a diverse set of tools gives us a new level of insight into traffic on our networks,” said Joe Levy, CTO of Solera Networks. “This is the cumulative evolution of network security and analytics: from packets, to flows, to Deep Packet Inspection – and now, to entire files on the wire.”