An Interesting Malware-Analysis Appliance

LynuxWorks, established in 1988, is a privately held company focused on developing secure systems for mission-critical applications. Their offerings include embedded operating systems used in applications as diverse as the flight test and simulation system for the Airbus A380, the cabin services system for the Boeing 777, the Zumwalt-class destroyer, and a point-of-sale Web server.

The company’s validEDGE subsidiary, which began development of anti-malware technology in 2004, last week introduced an appliance designed to automate the detection and remediation of previously unidentified malware. The first appliance to be offered by validEDGE is the MIS 1100, which the company claims can analyze a new, unknown malware sample in just a few seconds. The appliance can help researchers understand the purpose of a new piece of malware and also look for “logic bombs” contained in the malware that could cause damage further down the road.

validEDGE uses separation-kernel technology originally developed by its parent company so that the malware runs in complete isolation from the underlying Windows environment. Central to the operation of the appliance is a virtualized environment that allows a Windows image to be reloaded very rapidly, enabling high-speed processing of malware samples. During processing, a malware sample is unpacked, decrypted and disassembled. The system then analyzes the behavior of the sample, discovers code that is designed to execute at a later date, and classifies the sample based on whether or not the malware has been detected in the past.
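As an added illustration, not validEDGE's code or trace format, the following toy post-processor applies the last two steps described above to a sandbox behaviour trace: it flags code that defers its real behaviour to a later date (a candidate logic bomb) and classifies the sample against previously seen ones. The trace format, the `cmp(clock, …)` event, the sleep threshold and the analysis date are all assumptions.

```python
"""Toy post-processor for a sandbox behaviour trace (constructed format, not validEDGE's).

Given the API-call trace of one sample, it (1) flags code that waits for a later
date or a long delay before acting, i.e. a candidate logic bomb, and (2) classifies
the sample as 'known' or 'new' by hashing it against previously seen samples.
"""
import hashlib
import re
from datetime import date

ANALYSIS_DATE = date(2011, 2, 1)      # assumed day the sandbox ran the sample
LONG_SLEEP_MS = 10 * 60 * 1000        # assumed threshold: a sleep over 10 min is suspicious

# Constructed trace format: one "<api>(<args>)" per line. "cmp(clock, YYYY-MM-DD)" is a
# synthetic event meaning the sample compared the current clock against a literal date.
SAMPLE_TRACE = """\
GetLocalTime()
cmp(clock, 2011-06-15)
ExitProcess(0)
"""

# Constructed set of SHA-256 digests of samples seen before.
KNOWN_SAMPLES = {hashlib.sha256(b"constructed-old-sample").hexdigest()}


def parse_trace(text):
    """Turn trace lines into (api, args) tuples, skipping lines that do not parse."""
    calls = []
    for line in text.splitlines():
        m = re.match(r"^\s*(\w+)\((.*)\)\s*$", line)
        if m:
            calls.append((m.group(1), m.group(2)))
    return calls


def find_delayed_execution(calls, today=ANALYSIS_DATE):
    """Return human-readable reasons the sample appears to defer its real behaviour."""
    reasons = []
    for i, (api, args) in enumerate(calls):
        if api == "Sleep" and args.isdigit() and int(args) > LONG_SLEEP_MS:
            reasons.append(f"sleeps {int(args) // 60000} min before continuing")
        if api == "cmp" and args.startswith("clock"):
            trigger = date.fromisoformat(args.split(",")[1].strip())
            if trigger > today:
                reasons.append(f"waits for {trigger.isoformat()}")
                # Exiting right after a future-date check means the payload stays dormant.
                if i + 1 < len(calls) and calls[i + 1][0] == "ExitProcess":
                    reasons.append("exits immediately when date not reached")
    return reasons


def classify(sample_bytes, known=KNOWN_SAMPLES):
    """'known' if this exact sample was seen before, otherwise 'new'."""
    return "known" if hashlib.sha256(sample_bytes).hexdigest() in known else "new"


def analyze(sample_bytes, trace_text):
    reasons = find_delayed_execution(parse_trace(trace_text))
    return {"class": classify(sample_bytes), "logic_bomb": bool(reasons), "reasons": reasons}


if __name__ == "__main__":
    print(analyze(b"constructed-new-sample", SAMPLE_TRACE))
```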

At a subscription price of $90,000 annually, the validEDGE appliance is not designed for small businesses that want to get a better handle on malware. Instead, the appliance is intended for larger enterprises, network equipment providers, anti-virus and other security companies, and large government contractors. However, the appliance promises to offer a very rapid method to detect new malware variants with very little setup time: validEDGE claims the appliance can be set up and running in 10 minutes.
