ValidEdge Showcases New Malware Intelligence System at RSA Conference

SAN FRANCISCO, CA–(Marketwire -02/28/12)- RSA Conference — ValidEdge, a wholly owned subsidiary of LynuxWorks, Inc., today announced the most recent version of the Malware Intelligence System (MIS) that provides threat response teams fast, in-depth and actionable information about new, unknown and obfuscated malware. The new MIS1300 product will be demonstrated at the ValidEdge booth #339 at the RSA Conference in San Francisco.

The ValidEdge Malware Intelligence Systems provide the most comprehensive information about new and unknown malware even when packed, encrypted and obfuscated. Malware analysts, incident response teams and Enterprise security teams can get a detailed report on malware within seconds, including assembly source code, customizable warning level and information about latent payloads. The ValidEdge appliances run malware directly on a real Windows system using a secure platform to contain any threats, and then use both static and dynamic analysis to get full information about the malware and its payloads.

The MIS1300 release adds extra features to the popular MIS1200 to enable more information about malware usage of network services, such as DNS, HTTP, FTP and SMTP, and examine new malware vectors, such as Adobe PDF, Adobe Flash and Microsoft Office files for embedded malware. One of the most important features introduced to the MIS1300 is its capability to classify new malware variants into an existing family based on its similarity of the base assembly source code.

The MIS1300 also offers new options for identifying the threat rating of malware by offering a customizable score sheet for IT and security professionals to specify what malware traits have the highest threat ratings, and the MIS1300 will aggregate and give a score per malware sample. The MIS1300 also allows for communication with other security appliance and security management solutions using its built-in RESTful API.

“New malware is becoming increasingly complex and at the same time more difficult to find and track because of advanced obfuscation techniques,” said Lixin Lu, CTO of ValidEdge, “Our latest ValidEdge appliance, the MIS1300, continues to provide more and more information about these new threats, enabling security teams to protect themselves and their infrastructure before it is too late.”

About the ValidEdge MIS1300
The Malware Intelligence System (MIS) 1300 processes large volumes of samples and analyzes unknown malware in seconds. The ValidEdge MIS1300 incorporates several innovative analysis engines for classification, decryption, unpacking, reverse engineering, and combined dynamic and static analysis to fully reveal the current and potential intention of unknown malware.

The ValidEdge MIS1300 provides a secure environment to expose malware, allowing responders to fully grasp the malware’s intention and learn what it was trying to target. It will also identify any logic bombs hidden in the malware waiting for a trigger to cause damage at a later time. Once the new malware has been identified, security professionals receive several detailed reports about the behavior of the malware. With this information responders are better equipped to clean zombie PCs and heal compromised systems. Organizations under malware attack no longer need to wait for signature updates. Using ValidEdge appliances enables organizations to make the right policy and security improvements to further strengthen their organization from future threats, in real-time.

ValidEdge appliances are unique in the use of military grade separation-kernel technology developed by LynuxWorks to meet the highest requirement of security critical systems. This technology allows complete isolation of the Windows environment so that malware cannot penetrate and corrupt the platform while it is being analyzed. This innovation ensures the integrity of the results. The MIS1300 utilizes modern multicore processors, a real-time hypervisor, and an instant Windows environment reload capability to analyze multiple samples simultaneously leading to unparallel analysis throughput.

Availability
The ValidEdge MIS1300 is available today and being demonstrated in booth #339 at the RSA conference in Moscone Center, San Francisco.

About ValidEdge
ValidEdge offers the world’s first appliance with separation kernel technology for very fast and secure malware analysis. Designed for the large financial, government and anti-virus (AV) organizations, ValidEdge purpose-built appliances complement current network and AV defenses. Led by a team experienced in building highly secure systems for mission-critical applications and knowledgeable in dismantling sophisticated malware, ValidEdge is ushering in the next generation of malware awareness. ValidEdge is a wholly owned subsidiary of LynuxWorks, Inc., a leader in safe and secure software solutions. For more information, please visit www.validedge.com.

ValidEdge is a trademark of ValidEdge. LynuxWorks is a trademark of LynuxWorks, Inc. Other brand or product names are registered trademarks or trademarks of the respective holders.

Article source: http://finance.yahoo.com/news/validedge-showcases-malware-intelligence-system-120000450.html

View full post on National Cyber Security » Virus/Malware/Worms