Orion Malware is a network file analysis platform designed to analyse hundreds of files submitted at the same time by users or systems in order to detect malicious content.
Integration of the best technologies and techniques on the market for detecting malware
Orion Malware, produced by the Airbus CyberSecurity CSIRT team, is available as an all-in-one appliance that can perform up to 50,000 analyses per day, or as a specialised appliance to meet larger needs.
Antivirus + static analysis + machine learning + sandboxing in one appliance.
New features of the latest version, version 3.1
- 200 new heuristic detection methods
- 1 new detection module that uses artificial intelligence
- Signature check (checks the PE signature)
- Heuristic editor (create your own heuristics in Python)
- TIP connection: new MISP connector
- New heuristic Qspy (sandbox) detection methods
- Timeline view (improved malware detonation timeline)
- Kaspersky Anti-Virus (+ other antivirus programs coming soon)
A product with numerous uses
Orion Malware is the only network malware analysis platform manufactured in France. This software could be worthwhile for you if you are looking:
- To reinforce the static analysis performed by your IDS/DPI probes with a sandbox
- For a multi-technology file analysis solution
- For a sovereign alternative
- For defence in depth
- For a solution that is interoperable with your TIP
- To create your own malware database
- To offer your users a file inspection service
A product that is easy to use via the API or web interface
You can submit your file(s) for analysis via the product API or web interface. A submission can be private, in which case only you, the submitter, will know about it, or public, in which case all the users referenced on the tool or in a closed user group will know the result of the analysis.
You will be informed of progress during the analysis and, once it is complete, the risk level will be indicated via the risk-rating technology.
- Multiple detection engines in a single product
- Possible to add detection rules and not share them
- Complete control of the system; you are the solution administrator
- Control over the communication of the solution with external parties
- Possible to have multiple users, human or machine, with no additional cost