Sunbelt Software today announced the availability of Sunbelt CWSandbox 3.0, an upgraded version of its automated dynamic malware analysis tool. CWSandbox leverages unique behavior analysis technology for the identification of malicious threats like PDF exploits, fake media players and other socially engineered attacks against enterprise or government networks.
The latest version enables security analysts and incident response teams to analyze the behavior of suspected files by executing code inside a controlled and monitored environment. It records all malicious activity including system changes, network traffic and memory dumps. One of the key features now in CWSandbox is Digital Behavior Traits (DBT) technology, which interprets the behavior of a file, ad, document or website to determine automatically whether it is malicious.
CWSandbox gives users the ability to safely analyze virtually any Windows application or file including infected documents, malicious URLs, custom applications and scripts in Flash ads. It also gives researchers the ability to compare multiple analyses for differences and similarities, and to send malware samples to multiple sandbox configurations and centrally manage the process.
By simulating the way in which a user would interact with a rogue application, CWSandbox automates what is otherwise a manual process. Rather than analyzing new threats on a case-by-case basis, security researchers can now simultaneously compare how malware operates in multiple environments.
“Automated threat analysis is essential to organizations that are targeted by malware writers with brand new viruses that have not yet been categorized or catalogued by traditional antivirus solutions,” said Chad Loeven, vice president and general manager for SunbeltLabs.