Malware analysis platform

Norman launched the Norman Malware Analyzer G2 platform, which elivers the benefits of traditional sandbox analysis while also offering new IntelliVM capability which embeds Norman’s KernelScout technology for discovery of hidden suspicious software behavior.

Microsoft environments can be analyzed using cutting edge emulation and the latest virtualization technologies. This approach offers threat intelligence and visibility into malware exploiting Microsoft applications such as Office, third party files such as PDFs and web threats from URLs.

In a risk environment where large corporations, service providers and government agencies may see 100,000 malicious software files in a day, Norman’s analyzer solution has the scalability to keep up with the onslaught, while offering analysts a web-based management and operations console that delivers customizable technical and executive reports.

The solution is plug and play and customizable to every need. The analyzer’s APIs deliver the flexibility to integrate with existing analysis labs, honeypots, and other systems already in place.

The Norman Malware Analyzer G2 framework includes:

• Norman SandBox, a fully emulated Microsoft Windows malware analysis environment.
• Norman IntelliVM, VM analysis monitors system events for signs of malicious behavior.
• IntelliVM uses Norman’s KernelScout driver, embedding the intelligence observation agent at the lowest level of the system’s kernel for super performance.
• Analysis Desktop, a Web Based management and operations console.
• Appliance or software and APIs.
• Norman Malware Debugger PRO, performs analysis of suspicious files with all of the functionality of traditional reverse engineering and debugging tools in a single interface, performing analysis of malware threats.