The InQuest Insider
OCTOBER EDITION
October 26, 2018
Tools and Tips
Multi-Scanning Engine Integration

Most modern anti-malware solutions have limitations when it comes to the detection, inspection, and mitigation of embedded file content, because malware is often nested several layers deep inside a carrier file, which makes it extremely difficult to detect. InQuest's platform enables users to create and apply custom static analysis signatures that benefit from the same performance and deep analytics as the rest of the platform. This allows for multi-engine scanning using the latest information about emerging malware threats.

In addition to the onboard multi-scanning that InQuest performs with its own Threat Discovery Engines, the platform also integrates externally with OPSWAT's Advanced Threat Prevention Platform. OPSWAT pioneered the concept of combining the scan results of multiple antivirus engines to produce a more accurate estimate of the probability that a given file is malicious.

The OPSWAT Metadefender Platform is a hardware appliance that scans a file using over thirty major antivirus engines to maximize the probability that known malware is correctly identified.

Click below to learn more about how we beat traditional Anti-Virus

Read More
Latest InQuest Blog Posts
Dissecting TrickBot
Adam Swanda / 2018-10-09

After the demise of the Dyreza banking malware, the banking trojan vacuum was filled by the TrickBot malware family. TrickBot is an advanced, modular banking and information-stealing trojan that can propagate through a network.

Read More
Stringless YARA Rules
Rob King / 2018-09-30

At InQuest, YARA is one of the many tools we use to assist in deep-file inspection. Since InQuest operates at line speed in very high-traffic networks, our rules need to be just as fast. Here we examine how to optimize YARA signatures to increase performance.
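As an added illustration of the idea behind stringless rules (this is an example written for this newsletter, not a rule taken from the InQuest post), the two rules below match the same thing: an RTF header at offset 0. The first declares a string, so its bytes are added to the pattern set YARA searches for across every file it scans; the second reads the four header bytes directly as a big-endian integer in the condition, so nothing is added to the string-search pass and the check costs a single fixed-offset read. Checking only the first four bytes ("{\rt") rather than the full "{\rtf1" is a deliberate choice here, not something the post specifies.

```yara
// Example rules written for this newsletter, not taken from the InQuest post.

// String-based form: $hdr is compiled into YARA's global pattern scan
// even though the rule only ever cares about offset 0.
rule rtf_header_with_strings
{
    meta:
        description = "RTF header at offset 0, declared as a string"
    strings:
        $hdr = "{\\rt"          // backslash is escaped inside YARA text strings
    condition:
        $hdr at 0
}

// Stringless form: the same four bytes, read as a big-endian 32-bit
// integer. No strings section, so no contribution to the pattern scan.
rule rtf_header_stringless
{
    meta:
        description = "RTF header at offset 0, checked with a fixed-offset integer read"
    condition:
        // '{' 0x7B, '\' 0x5C, 'r' 0x72, 't' 0x74
        filesize >= 4 and uint32be(0) == 0x7B5C7274
}
```

The same substitution applies to any string the rule only needs at a known offset: magic numbers, header fields, and fixed structure members can all be expressed with the uint8/uint16/uint32 (and their be variants) reads instead of declared strings. Strings that genuinely have to be found anywhere in the file still belong in a strings section.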

Read More
Emotet phishing campaign
Adam Swanda / 2018-09-03

Emotet is one of the most prevalent malware families in the cybercrime realm in 2018. In this case we will look at an Emotet phishing campaign that led to the delivery of not just one malware family but three: AZORult, IcedID, and TrickBot.

Read More
InQuest Labs Research Spotlight
ThreatIngestor
Github
An extendable tool to extract and aggregate IOCs from threat sources.
Read More
Omnibus
Github
Interactive OSINT artifact enrichment and management framework.
Read More
ioc-extract
Github
Advanced and customizable Indicator of Compromise extractor.
Read More
Global Security Events
FireEye attributes TRITON malware to Russian laboratory
@FireEye

FireEye Intelligence reports that a Russian government-owned laboratory has ties to the development of the Industrial Control System malware TRITON, attributing the activity to the threat group FireEye tracks as TEMP.Veles.

Read More
Remote exploitation vulnerability in LibSSH affects multiple vendors
@BleepinComputer

The CVE-2018-10933 vulnerability in libssh allows an attacker to bypass authentication on a vulnerable libssh-based SSH server: by sending an SSH2_MSG_USERAUTH_SUCCESS message in place of the expected authentication request, the client convinces the server's state machine that authentication has already completed.

Read More
Cyber-espionage campaign Operation Oceansalt targets US, Canada, and South Korea
@McAfee_Labs

A new cyber-espionage operation by an unknown threat actor, focused on data reconnaissance, targets institutions in multiple countries.

Read More
Useful Links
InQuest Insider - Your monthly resource for the latest in cyber security news, trends, tips and tools. Subscribe here: http://eepurl.com/dHNeKL
Copyright © InQuest 2018