In order to give you a better service Airbus uses cookies. By continuing to browse the site you are agreeing to our use of cookies. I agree

To opt out of Google Analytics data collection, click here

Thanks. We have set a cookie so that Google Analytics data collections will be disabled on your next visit.

Orion Malware

Detect and define the advanced threats in your networks

Orion Malware

Orion Malware is a file analysis network platform designed to be able to analyse hundreds of files submitted at the same time by users or systems in order to detect malicious content.

Integration of the best technologies and techniques on the market for detecting malware

Orion Malware, produced by the Airbus CyberSecurity CSIRT team, is available as an all-in-one appliance that can perform up to 50,000 analyses per day, or as a specialised appliance to meet larger needs.

Antivirus + static analysis + machine learning + sandboxing in one appliance.

New features of the latest version, version 3.1 

  • 200 new heuristic detection methods
  • 1 new detection module that uses artificial intelligence
  • Signature check (checks the PE signature)
  • Heuristic editor (create your own heuristics in Python)
  • TIP connection: new MISP connector
  • Risk-rating
  • New heuristic Qspy (sandbox) detection methods
  • Timeline view (improved malware detonation timeline)
  • Kaspersky Anti-Virus (+ other antivirus programs coming soon)

A product with numerous uses

Orion Malware is the only network malware analysis platform manufactured in France. This software could be worthwhile for you if you are looking:

  • To reinforce the static analysis performed by your IDS/DPI probes with a sandbox
  • For a multi-technology file analysis solution
  • For a sovereign alternative
  • For in-depth defence
  • For a solution that is interoperable with your TIP
  • To create your own malware database
  • To offer your users a file inspection service

A product which is easy-to-use via the API or web interface

You can submit your file(s) for analysis via the product API or web interface. Submitting a file can be done privately: in this case, only you, the submitter, will know about it; or publicly: in this case all the users referenced on the tool or in a closed user group will know the result of the analysis.

You will be informed of the progress during the analysis and, once complete, the risk level will be indicated via the risk-rating technology.

Your advantages

  • Multiple detection engines in a single product
  • Possible to add detection rules and not share them
  • Complete control of the system; you are the solution administrator
  • Control over the communication of the solution with external parties
  • Possible to have multiple users, human or machine, with no additional cost

Contact us for more information!

Required Fields*