ReversingLabs A1000 Malware Analysis Platform™ A1000

Reset password

Forgot your password? Enter your email in the form below and we'll send you instructions for creating a new one.

  • ReversingLabs
  • What's new
  • Cookie Policy
  • Privacy Policy
  • End User License Agreement
ReversingLabs A1000 Malware Analysis Platform™, 6.0.5-2   |   TitaniumCore Version: 4.0.4.0

A1000 v6.0 Release Highlights

Classification / Innovation (Tier 1 and Tier 2 Analysts, Threat Hunters, Security Analysts)

A1000 6.0 includes the latest major version of the ReversingLabs’ industry leading static analysis engine TitaniumCore 4.0.2 delivering a number of significant enhancements:

  • Indicator transparency gives a human-readable explanation for why an indicator appears within a sample analysis, helping users to better understand object intent.
  • Indicators are mapped to MITRE ATT&CK framework, an industry wide standard for describing threats and actor behaviors.
  • “Certificates” section overhaul for better metadata explainability and renaming to “Signatures”.
  • Interactive storyteller with better sample descriptions, including clickable links, enabling even novice A1000 users to pivot through RL’s extensive local and cloud data simply.
  • Predicted file names now use file metadata and construct a probable original file name, which helps users better distinguish files that only have a hash value as their file name.
  • Email files are now treated as a native identification type, delivering better support for various email formats on the A1000 appliance.
  • To receive the richer TitaniumCore 4.0.2 sample reports, samples analyzed with older versions of the engine can be easily reanalyzed with one-click operation.

Enterprise Readiness / Usability (Tier 1 and Tier 2 Analysts, Threat Hunters, Security Analysts, SOC Managers)

  • Advanced Search is now available on all A1000 appliances enabling unlimited local queries for all users, even on air-gapped systems.
  • Threat Intelligence Cards are utilising ReversingLabs’ extensive file metadata to provide an informative, educational overview and analytics on malware types and families in an easily accessible format.
  • Sample summary improvements make it easier to read the critical sample classification information at a glance. Changes include: sample summary header redesign, new analysis status tables, and reorganized sidebar menu.
  • New A1000 Dashboard YARA Widget offers users a quick insight into their local and cloud YARA matches. Matches can easily be filtered either by time or by rulesets favorited by the current user and by match source.

Integrations / Automation (SOC Managers, CISO, Administrators)

  • RL Cloud Sandbox is a new Dynamic Analysis (DA) integration that further enhances A1000’s File Analysis capabilities, delivering users better efficacy in their security outcomes. This service is based on RL’s DA API’s and is turned on by default so that A1000 files are enriched with existing DA metadata. It is possible to automate DA analysis for files with no report available.

A1000 v6.0.4 Patch Release Highlights

  • A1000 6.0.4 patch release delivers improved quality and better security outcomes for our users. The patch incorporates TitaniumCore v4.0.3, which enables enhancement for Malware detection rules through newly-updated malware classification machine learning models. The patch additionally adds RL Cloud Sandbox quota usage insights and resolves a number of minor and moderate bugs.

A1000 v6.0.5 Patch Release Highlights

Classification / Innovation (Tier 1 and Tier 2 Analysts, Threat Hunters, Security Analysts) A1000 v6.0.5 delivers improved quality and better security outcomes for our users. The patch incorporates TitaniumCore v4.0.4, enabling;

  • Better Malware detection rules through implementation of new malicious VBA macro machine learning classification technology and update to remaining threat detection databases to further improve detection accuracy
  • Identify more files and greater file format coverage with Titanium Core 4.0.4, notably Docker, AutoIt, and improved Office Word support
  • Improved Certificate and miscellaneous archive validation delivering improved certificate reputation baselines and broader coverage
  • More YARA hunting rules with broader coverage

Enterprise Readiness / Usability (Tier 1 and Tier 2 Analysts, Threat Hunters, Security Analysts, SOC Managers)

Enterprise Password Vaulting use case support, helping with compliance and alignment to internal password policies

Integrations / Automation (SOC Managers, CISO, Administrators)

LDAP 'uniqueMember' support implementation, further enabling compliance and user access scenarios for our administrators

The release additionally improves upon overall quality and usability with a number of prioritized defect resolutions. For full details please see the full release notes on the ReversingLabs Customer Portal (login required).

See the full release notes on the ReversingLabs Customer Portal (login required).