Invincea, a provider of endpoint security solutions that leverage secure virtual containers to protect against advanced malware and other threats, has released a free malware discovery and analysis tool for forensics analysts and incident responders.
Dubbed Invincea Research Edition, the solution includes licenses of Invincea FreeSpace, which creates a secure virtual container around web browsers and their plug-ins, PDFs and documents such as Microsoft Excel, Word and PowerPoint, and features advanced behavioral-based detection proven to spot known, unknown and zero-day malware.
“With Invincea FreeSpace, DF/IR teams can investigate potential watering hole attacks, discover drive-by download sites and analyze suspicious email links, PDF and other document attachments simply by visiting URLs or opening those documents,” the company explained. “When an exploit is detected, forensic information related to the malware is sent to a cloud-hosted instance of Invincea Management Service (IMS) where threat intelligence is crowdsourced. DF/IR teams will analyze the findings inside IMS — including details on command and control, timelines of attack, registry changes, dropped files and more.”
Invincea Research Edition is also integrated with ThreatGRID’s malware analysis and threat intelligence platform, which helps provide deeper contextual analysis and enables users to chart the origins of a thwarted attack, conduct advanced searches, and correlate events and code samples with analyzed artifacts in ThreatGRID’s database.
Furthermore, Invincea Research Edition includes Invincea’s “CrowdSource” tool, a command line tool for malware analysis that requires no expertise in analyzing malware. “Given an arbitrary executable, CrowdSource will tell you the capabilities of that executable within seconds via a command line utility,” Invincea said.
“As a company, one of Invincea’s core values is to be an active and valuable contributor to the security community,” said Anup Ghosh, Founder and CEO of Invincea.
“We’re excited to participate with Invincea in the roll-out of Invincea Research Edition,” said Dov Yoran, Co-Founder and CEO of New York City-based ThreatGRID. “This collaboration will extend our rich global and historical context that we provide to SOC analysts, threat intelligence analysts, incident responders and reverse engineers, empowering them with deep, accurate knowledge on threats to speed up investigations, proactively defend against advanced threats and maximize the value of their existing investments.”
In June 2013, Invincea announced an OEM partnership with Dell under which the PC maker would ship systems with Invincea technology installed straight from the factory on all commercial systems including its Precision, Latitude and OptiPlex machines.