In order to give you a better service Airbus uses cookies. By continuing to browse the site you are agreeing to our use of cookies. I agree

To opt out of Google Analytics data collection, click here

Thanks. We have set a cookie so that Google Analytics data collections will be disabled on your next visit.

Orion Malware

Orion Malware is a file analysis network platform designed to be able to analyse hundreds of files submitted at the same time by users or systems in order to detect malicious content.

Integration of the best technologies and techniques on the market for detecting malware

Orion Malware is available as an all-in-one appliance that can perform up to 50,000 analyses per day, or as a specialised appliance to meet larger needs.

Antivirus + static analysis + machine learning + sandboxing in one appliance.

New features of the latest version, version 4.4

  • Hash Reputation Management: Allows to manage in administration web portal a whitelist/black list database of  hashes. Each hash can be assigned to a risk level,
  • Export memory dump: Allows to download the memory dump after a dynamic analysis. Each memory dump is compatible with the Volatility framework,
  • Improve detection: New AI model for JavaScript, improves detection of crashed processes, improves detection of malicious MS Office documents with DDE links,
  • Add support of new file types for dynamic analysis: MS Windows Shortcut file ( .LNK ), CDFV2 Encrypted,
  • Improves GUI: Displays command lines in process tree

A product with numerous uses

Orion Malware is the only network malware analysis platform manufactured in France. This software could be worthwhile for you if you are looking:

  • To reinforce the static analysis performed by your IDS/DPI probes with a sandbox
  • For a multi-technology file analysis solution
  • For a sovereign alternative
  • For in-depth defence
  • For a solution that is interoperable with your TIP
  • To create your own malware database
  • To offer your users a file inspection service

A product which is easy-to-use via the API or web interface

You can submit your file(s) for analysis via the product API or web interface. Submitting a file can be done privately: in this case, only you, the submitter, will know about it; or publicly: in this case all the users referenced on the tool or in a closed user group will know the result of the analysis.

You will be informed of the progress during the analysis and, once complete, the risk level will be indicated via the risk-rating technology.

Your advantages

  • Multiple detection engines in a single product
  • Possible to add detection rules and not share them
  • Complete control of the system; you are the solution administrator
  • Control over the communication of the solution with external parties
  • Possible to have multiple users, human or machine, with no additional cost

Contact us for more information!