Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

CrowdStrike Adds Malware Search Engine to ‘Hybrid Analysis’

Endpoint security firm CrowdStrike on Tuesday announced that new search capabilities have been added to the company’s Hybrid Analysis service.

Endpoint security firm CrowdStrike on Tuesday announced that new search capabilities have been added to the company’s Hybrid Analysis service.

Hybrid Analysis is a free malware analysis service owned by CrowdStrike since November 2017, when it acquired Payload Security, the firm that originally developed the automated malware analysis sandbox technology.

Hybrid Analysis leverages CrowdStrike’s Falcon Sandbox, a malware analysis framework that the company claims has been used worldwide by many security operations centers, CERTs, cyber forensics labs, researchers and threat intelligence services.

Starting with August 21, Hybrid Analysis also includes malware search features powered by CrowdStrike’s Falcon MalQuery, a proprietary cloud-based malware research tool that allows industry professionals to quickly and efficiently search a massive collection of samples.

The addition of Falcon MalQuery to Hybrid Analysis allows users to quickly scan through petabytes of threat data based on YARA rules or string/binary patterns. Each search can be refined based on certain criteria, such as the type, date and size of the file.

CrowdStrike adds Falcon MalQuery to Hybrid Analysis

According to the security firm, running a scan takes only minutes instead of hours, and search results can be downloaded and shared.

CrowdStrike has described the addition of Falcon MalQuery to Hybrid Analysis as donating the tool to the community.

The company has published a blog post that briefly explains how the new search capabilities work.

Advertisement. Scroll to continue reading.

Related: CrowdStrike Unveils New Endpoint Protection, Threat Analysis Solutions

Related: CrowdStrike Raises $200 Million at $3 Billion Valuation

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cyberwarfare

An engineer recruited by intelligence services reportedly used a water pump to deliver Stuxnet, which reportedly cost $1-2 billion to develop.

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.