Sunbelt Software, a provider of Windows security software, has unveiled new version of automated malware analysis tool CWSandbox.
The company said that the CWSandbox v3.0 will give security researchers the ability to compare multiple analyses for differences and similarities, and allow them to send malware samples to multiple sandbox configurations and centrally manage the process.
Reportedly, the new version provides automation and gives those on the front lines of cyber-defense the ability to analyse in bulk and save time. It enables enterprises to put security practices in place to account for how malware behaves differently on varied desktop configurations within their networks and protect against targeted threats.
The company has also unveiled Exploit Feed, a new component to its Threat Track data service, which tracks URLs deemed to be malicious based on a set of behavior and code traits, and is updated continuously to identify links to exploits before users can become infected. The URLs are passed through an array of honeyclients configured to detect any malicious activity.
According to Sunbelt Software, data captured by the Exploit Feed include, files dropped by the URL, other URLs involved in the exploit process, code containing the actual exploit, and an XML behavior analysis report of the browser and all related malware processes. The Exploit Feed, in conjunction with the other feed components of Threat Track can be incorporated into cloud, gateway and desktop web security systems.
Chad Loeven, VP for business development at Sunbelt Software, said: Cooperation and sharing of such research in the security community is essential for the timely protection of businesses, federal agencies and consumers against the rising tide of malware attacks.