ValidEdge has unveiled a real-time malware analysis engine built into a standard laptop. It can analyze up to 1000 malware samples per day on a fully functional laptop without compromising the integrity of the laptop’s functions, data or operating system.
Housed on a standard quad-core laptop, the ValidEdge MISbook 2300 uses a military-grade virtualization platform to create two secure partitions that are used exclusively to manage and run malware samples in real time for analysis, without risk of compromising the standard Linux or Microsoft Windows operating system running alongside in its own secure partition.
ValidEdge Malware Intelligence Systems provide comprehensive information about new and unknown malware even when packed, encrypted and obfuscated, and the new MISbook delivers this capability in a portable and usable laptop.
It provides malware analysts, incident response teams and enterprise security teams with a detailed real-time report on malware, including assembly source code, a customizable warning level and information about latent payloads, even when they are away from the office or the corporate network.
The MISbook runs malware on a real Windows system within a secure partition, and then uses both static and dynamic analysis to get full information about the malware and its payloads. A complete simulation of all network services can be included to capture all internet activity. Corporate images, OS versions and applications can be pre-loaded.
The ValidEdge MISbook 2300 incorporates several analysis engines for classification, decryption, unpacking, reverse engineering, and combined dynamic and static analysis. Its partitions provide a secure environment to expose malware, allowing responders to fully grasp the malware’s intention and learn what it was trying to target.
It will also identify any logic bombs hidden in the malware waiting for a trigger to cause damage at a later time. Once the new malware has been identified, security professionals receive several detailed reports about the behavior of the malware.
Like its sibling MIS1300 appliance, the ValidEdge MISbook 2300 makes use of military-grade separation-kernel technology developed by LynuxWorks to meet the highest requirements of security-critical systems. This technology allows complete isolation of the Windows environment so that malware cannot penetrate and corrupt the platform while it is being analyzed.