Safely analyse and store highly sensitive malware, including custom malware targeting your organisation or your customers, without ever sharing it beyond your organisation.
Security teams are increasingly faced with unique, targeted malware and maldocs designed to evade defences in novel ways.
You need to analyse risky files so you can understand and defend against them. However, because they may be targeted at your organisation and contain identifying information, you may not want to share them with public analysis tools like VirusTotal, or with external organisations like antivirus providers.
MalwareZoo gives your team a privacy-preserving, segregated, and secure place to store and analyse malware samples.
Your team can upload custom malware samples to the zoo for automated analysis, risk scoring, and suspicious / malicious verdicts in a way you can control.
In some cases you can check for hashes or upload malware samples to VirusTotal. In others you can choose to keep samples totally private.
MalwareZoo, powered by Assemblyline 4, contains a wide array of best-of-breed analysis tools. These can be chained together to do things like:
MalwareZoo is powered by Assemblyline 4, a scalable file artifact triage and analysis system built and maintained as an open source project by the Cyber Centre Canada.
Assemblyline is a powerful, scalable system that runs on Kubernetes. Deploying, securing, and maintaining a complex system like Assemblyline 4 isn't for everyone. We can deploy a new, private instance for you using our infrastructure as code (IaC) patterns and maintain it so you can focus on your core mission: collecting and analysing malware and defending your organisation.
Send and fetch samples, execute analyses and build modular automation pipelines via a robust API or via the web UI. Both the API and UI offer granular access control and permissions.
We provide you with a private instance of MalwareZoo on our secure, dedicated, single-tenant AWS infrastructure suitable for secure storage of highly sensitive samples. This means your malware samples will never be stored on shared infrastructure.
Improve malware analysis hygiene and reduce risk by storing samples outside your corporate network. We will take care of DR, monitoring, and reliability of your malware instance.
MalwareZoo integrates seamlessly with MISP, including CloudMISP instances. The workflow is:
This allows some of your analysts to use MISP purely to check file hashes, and others to access Assemblyline in a read-only fashion without access to samples. Trained malware analysts get full access to all analysis features and samples.
This includes a detailed user guide and dedicated Slack channel with our team so you can get the most out of MalwareZoo.
MalwareZoo is an enterprise-grade fully managed service. Your annual MalwareZoo licence will include frequent upgrades and custom configuration of your instance, as well as ongoing support and guidance from our team of security engineers.
We tailor annual pricing plans based on your specific needs and use case. Please submit an expression of interest or schedule a call with one of our security engineers below so we can prepare a custom quote for you.
Leave your details with us and we'll let you know about upcoming MISP training workshops in your timezone.