Oslo, Norway based Norman, a provider of malware analysis solutions, today announced the launch of its next generation malware analysis platform, Norman Malware Analyzer G2.
The G2 platform incorporates new sandboxing technology that emulates Windows environments, enabling malware analysts to observe malware’s behavior – including in virtualized environments – without putting live, operational systems at risk.
The G2 malware analysis framework brings the benefits of traditional sandbox analysis, and also adds what Norman calls “IntelliVM” capabilities, which embeds Norman’s KernelScout technology, an intelligence observation agent embedded at the lowest level of the system’s kernel, to offer deep-level analysis for discovery of deeply hidden suspicious software behavior.
While next-generation malware and application vulnerabilities have been in the spotlight recently, Norman researchers believe that kernel-level threats are more fundamental – and potentially more dangerous – than others that have been seen in the Windows environment recently.
Norman’s G2 platform helps large corporations, service providers and government agencies that see high volumes of malicious software files keep up with the onslaught, while offering analysts a web-based management and operations console that delivers customizable technical and executive reports as needed. The solution is plug and play and customizable to every need, and includes APIs that deliver the flexibility to integrate with existing analysis labs, honeypots, and other systems already in place.
The Norman Malware Analyzer G2 framework includes:
• Norman SandBox, a fully emulated Microsoft Windows malware analysis environment
• Norman IntelliVM, VM analysis monitors system events for signs of malicious behavior, adding more flexibility to analyze non-traditional malware and more precise mirroring of custom environments for advanced and targeted threats
• IntelliVM uses Norman’s KernelScout driver, embedding the intelligence observation agent at the lowest level of the system’s kernel for super performance
• Analysis Desktop, a Web Based management & operations console offering unparalleled easy-of-use and functionality
• Appliance or software, & APIs – Available as a hardware appliance or software solution, a flexible architecture delivers the speed and efficiency of the next generation solution, where and whenever needed.
• Norman Malware Debugger PRO, performs deep analysis of suspicious files with all of the functionality of traditional reverse engineering and debugging tools in a single interface, performing advanced analysis of the most complex malware threats organizations encounter
More information is available at:
http://norman.com/business/sandbox_malware_analyzers/en-us
