Featured

Exodus Intelligence is a recognized leader in vulnerability discovery, exploitation techniques, and vulnerability intelligence. Our team works closely with Exodus to leverage their knowledge and capabilities to 0-day attacks targeting our customers.

OPSWAT provides the on-premise detection benefits of over 30 anti-malware engines in a single solution, Metadefender Core. Our product integrates directly with Metadefender, coupling the depth of our Deep File Inspection capabilities with the breadth of coverage from an entire industry.

Tailored Solutions is an information security company that provides services and training to clients in both the private and public sectors. Our mission is to provide the highest level of education and services to our clients in the areas of intrusion detection, incident response, security information event management, security architecture design, reverse engineering, assessments and custom solutions development.

SIEM Integrations

ArcSight Enterprise Security Manager (ESM) is a comprehensive threat detection, analysis, triage, and compliance management SIEM platform that dramatically reduces the time to mitigate cyber-security threats. ArcSight allows security teams to move from enriched event data to powerful real-time correlation, to use workflow management and security orchestration, and to triage advanced persistent threats through to mitigation and resolution.

InQuest's Threat Discovery Engine (TDE) integration discovers threats embedded within network content based on the weekly updated InQuest proprietary signature pack. InQuest's TDE integration, in conjunction with Micro Focus ArcSight, provides users with the ability to monitor and correlate alerts within the ArcSight Console. InQuest's MetaDefender Core integration provides the capability of scanning files with multiple antivirus engines without having to disclose files outside of your network boundaries. When this integration is enabled, InQuest will automate the process of submitting files, logging, and alerting on AV engine hits while forwarding network and file alert information to ArcSight via syslog.

Splunk Enterprise makes it simple to collect, analyze and act upon the untapped value of the big data generated by your technology infrastructure, security systems and business applications—giving you the insights to drive operational performance and business results.

The Splunk Addon for InQuest allows a Splunk® Enterprise administrator to search and build visualizations and alerts for InQuest device logs.

Technology Integrations

Cuckoo Sandbox is free software that automates the task of analyzing any malicious file under Windows, OS X, Linux, and Android. Cuckoo Sandbox is an advanced, extremely modular, and 100% open source automated malware analysis system with infinite application opportunities.

The TippingPoint Threat Protection System (TPS) offers comprehensive network security through actionable security intelligence, shielding against vulnerabilities and exploits and defending against known and zero-day attacks. Using a combination of technologies such as deep packet inspection, threat reputation, and advanced malware analysis, the TPS provides enterprises with a proactive approach to security.

FireEye cyber security products combat today's advanced persistent threats (APTs). As an integral piece of an Adaptive Defense strategy, our state-of-the-art network security offerings protect against cyber attacks that bypass traditional signature-based tools such as antivirus software, next-generation firewalls, and sandbox tools.

Joe Sandbox is the platform for SOCs, CIRTs, CERTs and security teams. Based on Deep Malware Analysis, Joe Sandbox automatically generates very detailed reports describing the malware behavior, its payload and installation. By using the detailed reports, security teams can accelerate their Digital Forensics & Incident Response and no longer need manual analysis. Extracted IOCs, OpenIOC and MISP reports can be easily shared with customers and the security community.

VxStream Sandbox is an innovative and fully automated malware analysis system that includes the unique Hybrid Analysis technology. It is available as a standalone software package that is automatically deployed within your local infrastructure and operates without an external dependency or callback mechanism. It can execute files on any Windows guest image (e.g. a copy of your local workstation) and has a variety of integration and interface capabilities.

VMRay delivers advanced threat analysis and detection that combines a unique agentless hypervisor-based network sandbox with a real-time reputation engine. The combination provides both fast, high volume file classification and deep malware analysis. The VMRay Analyzer is platform independent and highly scalable, the result of a decade of R&D by some of the world’s leading experts on dynamic malware analysis. By monitoring at the hypervisor level, it is undetectable by malware running in the target operating system. VMRay serves leading enterprises around the world.