Next Generation Detection
The Dynamic Malware Analysis Service enables detection of sophisticated malware attacks, including those using polymorphic and zero-day malware, malicious attachments, and other advanced exploits.
This malware analysis system technology enables Targeted Attack Protection to catch unknown malware attacks that signature-based solutions traditionally miss for lack of a matching signature, as well as attacks that reputation-based solutions miss because attackers have compromised legitimate websites and accounts and so inherit their 'good' reputation when sending malware into organizations.
In order to effectively detect such advanced malware – regardless of whether the attack is spread via targeted threats, APTs, watering hole URLs over email, malvertising, phishing, or longlining – our malware analysis system technology uses a combination of sophisticated techniques to evaluate advanced threats. These include:
- Real-time checks against emerging campaigns and known new malicious websites that are being detected across organizations.
- Static code analysis looking for suspicious behavior, obfuscated scripts, malicious code snippets, and redirects to other malicious sites.
- Dynamic malware analysis that sandboxes the destination URL or suspicious attachments, simulating a real user on a machine with the goal of observing any changes made to the system.
Collectively, this provides the most comprehensive detection steps to determine whether the destination URL or an attachment under suspicion is malicious. Various counter-evasive techniques are used to simulate a ‘real’ computer system with a ‘real’ user in the dynamic analysis, and these are typically required to draw out malware that is sophisticated enough to conceal itself from detection. For example, techniques such as IP rotation, mouse movement simulation, real browser sessions, and time-delayed analysis are required to ‘trick’ the malware into revealing itself under security system scrutiny.