Orion Malware is a network file analysis platform designed to analyse hundreds of files submitted at the same time by users or systems in order to detect malicious content.
Integration of the best technologies and techniques on the market for detecting malware
Orion Malware, produced by the Airbus CyberSecurity CSIRT team, is available as an all-in-one appliance that can perform up to 50,000 analyses per day, or as a specialised appliance to meet larger needs.
Antivirus + static analysis + machine learning + sandboxing in one appliance.
New features of the latest version, version 4.0
A new agentless sandboxing technology
- Support for current and future OS versions
- More discreet sandbox with a strengthened anti-evasion mechanism
- Additional activity monitoring
New detection and analysis capabilities
- Further activity monitoring for a more accurate detection and analysis of potential impacts
- Continuously updated heuristics by Airbus CyberSecurity for the detection of emerging threats
- Enable, disable and add heuristics for customised detection
- TTP identification (MITRE ATT&CK)
A product with numerous uses
Orion Malware is the only network malware analysis platform manufactured in France. This software could be worthwhile for you if you are looking:
- To reinforce the static analysis performed by your IDS/DPI probes with a sandbox
- For a multi-technology file analysis solution
- For a sovereign alternative
- For defence in depth
- For a solution that is interoperable with your TIP
- To create your own malware database
- To offer your users a file inspection service
A product which is easy to use via the API or web interface
You can submit your file(s) for analysis via the product API or web interface. A file can be submitted privately, in which case only you, the submitter, will know about it, or publicly, in which case all the users referenced on the tool or in a closed user group will know the result of the analysis.
You will be informed of the progress during the analysis and, once complete, the risk level will be indicated via the risk-rating technology.
- Multiple detection engines in a single product
- Ability to add detection rules without sharing them
- Complete control of the system; you are the solution administrator
- Control over the communication of the solution with external parties
- Multiple users, human or machine, at no additional cost