We provide the customer with the ability to perform Hunting through historical artifact queries and file analysis using our internal RetroHunt component (retrospective static file analysis).
In addition to the Deep File Inspections signatures provided by InQuest Labs, the platform provides the ability to create, test, and tune custom signatures to address threats to your organization.Retrohunt is a perfect solution to scan previous network events with emerging 0-day signatures.Read More
Most modern anti-malware solutions have limitations when it comes to the detection, inspection, and mitigation of embedded file content. This results from the tendency of malware to be nested in multiple layers of an application, making its detection extremely difficult. InQuest’s platform enables users to create and apply custom static analysis signatures leveraging the same performance and deep analytics benefits as the rest of the platform. This allows for multi-engine scanning using the latest information about emerging malware threats.Read More
Deep File Inspection, or DFI, is the reassembly of packets captured off of the wire into application level content that is then reconstructed, unraveled, and dissected (decompressed, decoded, decrypted, deobfuscated) in an automated fashion.
This allows heuristic analysis to better determine the intent by analysis of the file contents (containers, objects, etc.) as an artifact.Read More