Contact Us Get Support

Stop Paying Ransomware

Eradicate Ransomware at the Source with InQuest's Email Security

Go Deep with our Deep File Inspection (DFI™) Platform

InQuest's DFI™ uncovers four times more data for analysis than the competition

RetroHunting™

Retrospectively analyze yesterday's attacks using today's threat intelligence

Tailored Threat Intelligence

Track the Threat Actors specifically targeting YOU

Email Security Assessment

Email-borne Emerging Threats Attack Simulation. Is your organization exposed?
Deep File Inspection (DFI™): Reveal over 4x more inspectable content.
Mitigate Ransomware, Prevent Phishing, Eliminate SPAM.
RetroHunting: Apply tomorrow's intelligence to yesterday's data.
Enhance your GSuite or O365 Email Security.
Ingest, discover, score, and export IOCs for integrated defense.
Platform supports SaaS, hardware appliance, VPC, and VM.
Ingest data in-motion, in-use, and at-rest.
Operationalize your threat intelligence at scale.
Latest Flash Alert
No flash alerts available at this time. See prior flash alerts.

Introducing the Deep File Inspection (DFI) Platform

A hybrid threat analytics and hunting platform that delivers scalable Network, File and Object analysis deployable in the Cloud and across your Enterprise.

Deep File Inspection (DFI)

Cloud-Delivered Analytics & Protection

Network Detection & Response

Threat Intelligence

Solution Spotlight

Integrated Email Security

Our integrated email protection prevents sophisticated attacks that evade the built-in capabilities of the cloud providers.

RetroHunt

Proactively hunt for threat actors that initially evaded your defenses, reduce their dwell time and eliminate their foothold.

Email Security Assessment

Identify gaps in your existing email security controls and coverage by simulating attacks that leverage emerging malware threats.

Why InQuest?

File Analysis at Scale

Ingestion and dissection of tens of millions of files daily leveraging a combination of our Deep File Inspection (DFI) analysis engine and our proprietary machine learning apparatus.

Zero-Day Attack Coverage

Mitigation of attacks targeting publicly unknown vulnerabilities that affect a wide array of commonly used software solutions.

Eradicate BEC, Malware and Ransomware Attacks

Our cloud-based integrated email security solution, leveraging our patented Deep File Inspection (DFI), goes to unparalleled levels of scrutiny to analyze, identify, and ultimately prevent malware, phishing, ransomware, spam and scams from being delivered to your users.

Operationalize Your Threat Intelligence

Leverage our platform to operationalize machine readable threat intelligence (MRTI) information at scale and tag your data as it flows through your environment.

Continuous Threat Hunting via RetroHunting

Through the use of RetroHunting, we provide you with the ability to proactively hunt for threats related to advanced targeted attacks that may have initially bypassed your real-time defenses. This answers the question of "Was this new attack or technique successful in bypassing our security defenses?"

Intelligent Orchestration

We aim to automate and scale the expert knowledge of a SOC analyst. Our platform leverages a variety of sources in an automated decision-making engine that includes bi-directional orchestration with multi-scanning and sandbox solutions, unique threat intelligence sources and a seasoned research team augmented by a variety of machine learning models.

Machine Learning Assisted Threat Prevention

Our proprietary machine learning software is built out of four well-vetted classifiers and uses previously collected data on malicious and benign content to automatically discover patterns that might be left uncovered by signatures. On a weekly basis, models constructed from our ML algorithms are updated with the latest information from previously processed network traffic.

SIEM Data Enrichment

Enhance your security posture and maximize the investment you've made on your existing security infrastructure by expanding your Indicators of Compromise (IOCs) and overlaying our machine readable threat intelligence (MRTI) information on top of your alerts, logs, etc. Efficiently and effectively surface malware activity from your security tools that may have gone undetected for weeks or even month in the past.

Tailored Threat Intelligence

Our tailored intelligence offering monitors the clear, deep and dark web for information directly pertaining to your organization and provides actionable intelligence specific to the risks and threats specifically associated with your assets.

Sandbox Offloading and Optimization

Large scale dynamic analysis through the use of sandbox detonation is a resource intensive and time-consuming operation. Offset the load on your dynamic analysis solutions by leveraging our static analysis platform and achieve accelerated threat detection at scale leaving only the most critical files of interest for runtime analysis.

Products

Protect the Cloud

Transformative SaaS security enabling your digital transition to a highly-scalable and multi-tenant cloud-native architecture.

Read more

Defend the Enterprise

Secure your enterprise by delivering proactive threat prevention to your client networks while protecting your users and safeguarding your data.

Read more
Latest Blog

CVE-2021-40444

Microsoft MSHTML Remote Code Execution Vulnerability As we roll into autumn and the season changes, so does the threat landscape. The emergence of new CVE signals another arms race with both sides vying for effectively leveraging the exploit and understanding how to mitigate the effects respectively.
As we roll into autumn and the season changes, so does the threat landscape. The emergence of new CVE signals another arms race with both sides vying for effectively leveraging the exploit and understanding how to mitigate the effects respectively. As with all Common Vulnerabilities and Exposures, comes questions such as “How does this affect me or my organization?” and “What can I do to mitigate this?” The focus of this blog is to explore these concerns as well as provide further context surrounding CVE-2021-40444 and the initial maldoc delivery
Latest Event

InQuest @ Black Hat USA 2021

Now in its 24th year, Black Hat USA is excited to present a unique hybrid event experience, offering the cybersecurity community a choice in how they wish to participate. Black Hat USA 2021 will open with four days of Virtual Trainings (July 31-August 3) conducted in real-time online, with all instructors accessible throughout each class. The two-day main conference (August 4-5) featuring Briefings, Arsenal, Business Hall, and more will be a hybrid event—offering both a Virtual (online) Event and a Live, In-Person Event in Las Vegas. See the Conference Highlights below for more details.
Latest White Paper

Data Loss Discovery Driven by Deep File Inspection (DFI™)

The purpose of this whitepaper is to describe the capabilities provided by the InQuest platform related to identifying the exposure of sensitive information. With the recent explosion of data breach reports in the news, preventing the loss of sensitive data has become an area of focus for many organizations.

Here's what our customers are saying

Prior to having InQuest, file decompression, decoding and post-processing were all manual steps that were very time consuming for us. Now that we're using InQuest, all of those steps are automated and it has given us the ability to apply these steps to not only files we think are suspicious, but all files received by our users.

Malware Analyst, US Intelligence Community

Having the ability to search historically based on file content is like having our own internal VirusTotal Retrohunt.

Intrusion Analyst, US Department of Defense

The threat score calculation and assignment being performed by InQuest's engine makes it easy for us to sift through the legitimate sessions and focus on the real threats targeting our users.

Intrusion Analyst, US Department of Defense

InQuest provides a complete network forensics picture, from session details such as header information to file details such as the hash, size, type and even the raw file.

Incident Handler, US Intelligence Community

The data loss prevention coverage InQuest provides for data-in-transit is second to none.

Intrusion Analyst, US Department of Defense

The InQuest platform is unlike any other network-based security system we've seen. The performance of their native capture engine and analytic capabilities are unparalleled in terms of the throughput it can support and the number of files it can dissect and analyze.

Security Engineer, US Department of Defense

The third-party integrations with multiav and sandbox solutions are seamless. We have never had a security platform that made it so easy to automate all of our static and dynamic file analysis efforts.

Security Engineer, US Department of Defense

Over half of our customer’s traffic is encrypted and InQuest is the first security platform we’ve seen with a specific focus on using SSL related indicators of compromise to detect the bad guy’s infrastructure.

Intrusion Analyst, Managed Security Service Provider

The threat intelligence InQuest is able to gather and disseminate via their reputation and threat feeds has alerted us to numerous customer compromises. They are truly at the cutting edge when it comes to identifying threat actor infrastructure as it is deployed.

Intrusion Analyst, US Intelligence Community

It’s pretty amazing that they are able to support capturing, reassembling, processing, storing and inspecting content at speeds over 20Gb without dropping traffic all in a 1U box.

Security Engineer, Department of Defense

We’ve been customers for several years now and up until the recent acquisition of their appliances we were running their collectors on 4U boxes with flash storage cards. As a result of that acquisition, we went from having to deal with three different vendors to one vendor, reduced our rackspace footprint as well as our power consumption which all resulted in a huge cost savings for us. Kudos to InQuest!

Director of Information Security, E-Commerce Company

Through their data orchestration and workflow, they’ve made it really easy for us to establish repeatable workflows from within their UI. That has saved our SOC analysts a considerable amount of time and has enabled them to pivot through data from numerous systems all from a single pane of glass.

SOC Operations Lead, Department of Defense
 
See all

InQuest is excited to announce that we are making the proprietary Threat Intelligence that fuels our platforms available as a standalone offering to the public.

There is little debate about Threat Intelligence (TI) sourcing and the value it brings to organizations. Infrastructure tracking tradecraft is a requisite layer of augmentation for rapid response in today's threat landscape. Infrastructure tracking tradecraft is a requisite layer of augmentation for rapid response in today's threat landscape. By tracking threat actors through multiple anchors on TTPs and IOCs (IPs, domains, SSL certs), we're able to maintain knowledge of active campaigns even as they evolve day-to-day. Read more within this Press Release that details some early warning indicators.

Get The InQuest Insider

Find us on Twitter for frequent updates, follow our Blog for bi-weekly technical write-ups, or subscribe here to receive our monthly newsletter, The InQuest Insider. We curate and provide you with the latest news stories, field notes about innovative malware, novel research / analysis / threat hunting tools, security tips and more.

This website stores cookies on your computer. These cookies are used to improve the usability of this website and provide more personalized experience for you, both on this website and through other websites. To find out more, see our Privacy Policy.
Accept