ThreatAnalyzer Features

ThreatAnalyzer (formerly CWSandbox) helps you identify, stop and eliminate Advanced Persistent Threats (APTs), targeted attacks, Zero-day threats and other sophisticated malware.

ThreatAnalyzer provides a comprehensive assessment of every threat sampled – from infection vector to payload execution – by proactively analyzing nearly any Windows application or file. This includes infected Office documents, PDFs, malicious URLs, Flash ads and any other file associated with an application.

ThreatAnalyzer swiftly and accurately vets suspicious samples through its:

Malware determination engine

Helps you identify suspicious samples based on a series of default and customizable rules. ThreatAnalyzer also classifies sampled threats by severity, enabling you to efficiently prioritize your response and remediation strategies.

Digital Behavior Traits™ (DBT)

Highlights key sample characteristics that indicate malicious behavior, providing you with additional insight into the nature and possible objective of a potential threat.

Customizable analysis environment

Enables you to modify the analysis sandbox to correspond with your live IT environments so you know how samples will execute within your network. This valuable insight is key to identifying a security breach, as well as taking all the remediation steps necessary to completely eliminate a threat.

Multiple analysis comparison

Centralizes the management of samples submitted to multiple, customized ThreatAnalyzer sandboxes. This enables you to view side-by-side comparisons of sample behavior analyzed across various operating systems, patch levels, systems configurations and application versions.

User interaction emulation

Simulates user interaction with application prompts created by malicious samples to trick users into spreading malware or providing access to sensitive data targeted for theft.

Extensive Reporting

ThreatAnalyzer provides a comprehensive array of reports including: