Why OPSWAT Filescan Sandbox?

OPSWAT Filescan Sandbox is a malware analysis platform that binds together dozens of state-of-the-art tools, services, and proprietary engines with the focus on Indicators of Compromise (IOCs) and threat extraction from files, documents, scripts and URLs at speed and scale. Using proprietary engines, Filescan is a solution that goes deeper than traditional static analysis tools, providing actionable intelligence in many more cases. Combined with its unmatched speed, it becomes possible to significantly reduce the number of artifacts needing to be sandboxed in an otherwise time-consuming and resource intensive process.

For example, using a cutting-edge unique emulation engine, even extremely obfuscated, state-of-the-art and environment aware malware can be deobfuscated and dissected in less than 15 seconds. Furthermore, any relevant IOCs (e.g. second stage download files or URLs) are automatically crosschecked with threat intelligence databases to provide accurate attribution.

Coming with a simple RESTful HTTP based API and an open and agile architecture, Filescan offers easy integration into various platforms and corporate systems. The on-premise instance can be deployed on a single server and instantly allows processing of thousands of files/URLs per day. The web interface comes with very user-centric reports that are easy to understand and contain in-depth data if needed.

Key features include

  • Extract Indicators of Compromise (IOCs) from a wide range of executables, documents, scripts, and URLs
  • Emulates 90%+ of highly obfuscated state-of-the-art macro malware (VBA), VBS, PowerShell, Jscript, MSHTA, XSL, WSF
  • Rapid & deep analysis at high scale (50K+ scans per day/ machine)
  • REST API for automated integration
  • Integrates with Virus Total, YARA, MITRE ATT&CK framework and more
  • Clean and intuitive reports with in-depth data on demand and able to export in HTML, PDF, MISP, STIX
  • Simple and cost-effective on-premises standalone deployment or private cloud
  • Designed, engineered, and maintained by experienced industry experts

An overview of all features is available on the up-to-date product page: https://www.opswat.com/products/filescan

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Technical Datasheet

See the "Technical Datasheet" for a complete list of features: https://docs.opswat.com/filescan/datasheet/technical-datasheet

On This Page
Why OPSWAT Filescan Sandbox?Key features include