Intezer Analyze™

Additional Info

Company: Intezer
Website: https://www.intezer.com/
Company size (employees): 10 to 49

Overview

Threat hunting is a proactive technique that can be used to find new or previously unknown malware. Intezer Analyze’s vaccine feature enables users to download automatic, code-based YARA signatures based on a sample’s malicious binary code. These advanced, code-based YARA signatures are the most effective for detecting variants of malware that reuse even the tiniest portions of malicious code.

Check out this short demo video on our YouTube channel to see the vaccine (YARA rule) feature in action: https://youtu.be/OCoijr9o90o

How we are different

• YARA signatures based on strings are easy for adversaries to evade, because the strings can be manipulated, replaced, or encrypted. Intezer's code-based YARA rules, on the other hand, are the most effective for detecting variants of malware that reuse even the smallest fragments of malicious code.


• Scan for infected endpoints within your network: use Intezer Analyze's code-based YARA signatures to scan your organization's endpoints and identify infected machines.


• Hunt for additional samples: threat intelligence teams can upload code-based YARA signatures to other systems, for example, VirusTotal Hunting, to proactively hunt for new samples. Since Intezer's YARA signatures are based on a sample's malicious code—and not trusted code from shared or embedded libraries—the signatures generate more accurate hits.