Yes, but it's emulation based and not virtualization based. In general, our experience has taught us that virtualization based technology is particularly important for forensic and full attack chain analysis on a very specific environment. Unfortunately, the downside of such in-depth analysis is speed (time to reporting is typically within 5-10 minutes), scaling challenges, high maintenance, having to restrict to a specific environment and a large resource overhead. Instead, we focus on a sophisticated set of lightweight emulation engines that implement adaptive threat analysis and have shown to yield better results at a fraction of cost. OPSWAT Filescan Sandbox is a best-in-class emulation sandbox.
Was this page helpful?
