Photo Gallery
Intezer
Additional Info
Website | https://www.intezer.com/ |
Company size (employees) | 10 to 49 |
Headquarters Region | North America |
Overview
Intezer’s Genetic Malware Analysis technology is an industry first, applying the biological immune system concepts to cybersecurity. Operating under the evolutionary concept that malware is based on previously written software, Intezer Analyze™ identifies new forms of malware by comparing their code to previously seen threats. Detecting even the smallest fragments of code similarities amongst files, security teams can recognize malicious files, classify threats to their relevant malware families, and prioritize alerts according to risk and severity.
Users subscribing to Intezer Analyze’s enterprise edition effectively tailor their incident response with accurate context-based analysis of threats and relevant actionable intelligence. Additionally, as information sharing is a key component of the company’s makeup, Intezer offers a free community edition of its product, where users can upload up to 10 files per day.
Leveraging Genetic Malware Analysis, Intezer was able to discover clear code reuse connections between the WannaCry campaign and previously unrelated malware families Brambul, Joanap, and Lazarus, at the time believed to be North Korean hackers. The code reuse demonstrated that these hacking tools were written or modified by the same author, and attribution to North Korea was later validated by the NSA.
Following the hack of a US Navy contractor and theft of highly sensitive data on submarine warfare in June 2018, Intezer identified code reuse between the malware, dubbed MirageFox, with a previous RAT believed to originate in 2012, known as Mirage. Through analyzing code reuse, Intezer discovered MirageFox contained similarities to previously employed malware employed by APT15, a cyber espionage group affiliated with the Chinese government.
How we are different
1) Intezer introduces a Genetic Malware Analysis approach, offering enterprises unparalleled and accelerated incident response. Intezer provides a fast, in-depth understanding of any file by mapping its code DNA at the ‘gene’ level -- offering the most advanced level of malware analysis. By identifying the origins of every piece of code, the company’s technology is able to detect code reuse from known malware, as well as code that was seen in trusted and legitimate applications.
2) A significant challenge posed to incident response and SOC teams is the high number of alerts received on a daily basis. For many organizations, thousands of alerts are fed through their security systems every day, making it difficult to prioritize these files according to risk and severity without spending time and resources on false positives. Intezer Analyze integrates with organizations’ existing security solutions, including Endpoint Protection platforms (EPP), Endpoint Detection and Response platforms (EDR), Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), and security gateways, enabling incident response teams to automatically analyze files at a large scale, classify threats to their relevant malware families, and respond to threats in a timely manner without missing critical incidents or spending resources on false positives.
3) Said the CISO of a leading Israeli telecommunications and cellular provider, “Intezer’s one-of-a kind malware analysis technology based on code reuse detection is exactly what our IR teams needed. Obtaining deep insights into every suspicious file in seconds saves precious time and efforts, enabling the team to focus on prioritizing and remediating attacks.”