ValidEdge Unveils First Portable Malware Intelligence System
News Release from:
26 April 2012
ValidEdge has unveiled a truly secure real-time malware analysis engine built into a standard laptop, delivering the power to analyze up to 1000 malware samples per day in a fully functional laptop without compromising the integrity of the laptop's functions, data or operating system.
Housed on a standard quad-core laptop, the ValidEdge MISbook 2300 uses a military-grade virtualization platform to create two secure partitions that are exclusively used to manage and run malware samples in real time for analysis, without risk of compromising the standard Linux or Microsoft Windows operating system that runs alongside in its own secure partition.
ValidEdge Malware Intelligence Systems provide comprehensive information about new and unknown malware even when packed, encrypted and obfuscated, and the new MISbook delivers this capability in a truly portable and usable laptop. It provides malware analysts, incident response teams and enterprise security teams with a detailed report on malware in real time, including assembly source code, a customizable warning level and information about latent payloads, even when they are away from the office or the corporate network.
“The MISbook is in every sense a fully configured malware analysis system, but in a unique portable format allowing IT professionals to examine malware wherever they are in real-time and without having to carry a dedicated analysis system,” said Lixin Lu, CTO of ValidEdge. “The use of a truly secure virtualization platform means that any malware that is run or analyzed on the MISbook cannot escape or compromise the rest of the laptop and is a really unique feature of our implementation.”
The MISbook runs malware on a real Windows system within a secure partition, and then uses both static and dynamic analysis to get full information about the malware and its payloads. A complete simulation of all network services can be included, to capture all internet activity, and corporate images, OS versions and applications can be pre-loaded.
The ValidEdge MISbook 2300 incorporates several innovative analysis engines for classification, decryption, unpacking, reverse engineering, and combined dynamic and static analysis to fully reveal the current and potential intention of unknown malware. Its partitions provide a secure environment to expose malware, allowing responders to fully grasp the malware’s intention and learn what it was trying to target. It will also identify any logic bombs hidden in the malware waiting for a trigger to cause damage at a later time. Once the new malware has been identified, security professionals receive several detailed reports about the behavior of the malware.
Like its sibling MIS1300 appliance, the ValidEdge MISbook 2300 makes use of military-grade separation-kernel technology developed by LynuxWorks to meet the highest requirements of security-critical systems. This technology allows complete isolation of the Windows environment so that malware cannot penetrate and corrupt the platform while it is being analyzed.