ReversingLabs Insights™ Insights
  • Forgot your password?
By logging in, you agree that you have read and accepted the terms of service set forth in the ReversingLabs, Inc. End User License Agreement

RLI v8.0 Release Highlights

Dynamic and Network Analysis

  • Network Threat Intelligence IP Analysis information is now shown on the URL summary page. Data is retrieved from TitaniumCloud dynamically upon page load, providing users with more efficient and richer triage capabilities with coverage from the full RL data corpus. IP threat intelligence contains a list of top threats, IP reputation from various reputation sources, statistics for downloaded files including maliciousness, and a list of related URLs and domains
  • RL Cloud Sandbox:
    • Additional statuses are shown during the upload and detonation of files sent to dynamic analysis, offering users better feedback during the analysis process and helping them troubleshoot potential infrastructure bottlenecks.
    • When sending files for static analysis, Historic Reports from past RL Cloud Sandbox analyses are now shown during processing on the Sample Summary page. This benefits users by providing immediate insights from the RL data corpus and offering richer investigations without spending additional RL Cloud Sandbox quota.
    • Snort & Sigma rules are now supported, detecting all suspicious/malicious behavior during a RL Cloud Sandbox analysis using those rules. This metadata is important for malware detection and identification purposes as it tells users when a malicious behavior has been detected during execution on the Network or OS log level, which cannot be extracted from static analysis alone.

Workflows

  • Improved search capabilities:
    • Automatic navigation to Sample Summary page is now enabled when users input single hashes or URLs inside the search box, offering a more efficient way to investigate an interesting hash or URL.
    • Domain and IP Search pages are now shown when users search for a single Domain or IP, providing Network Threat Intelligence data for that Domain/IP above the search results. This functionality provides immediate insights from the RL data corpus, increasing the network analysis efficiency.
    • Tooltip for failed analyses added to the search grid, offering additional information previously visible only on the Submissions page.
    • Rearranged Search filters are now located above the Search input field, offering users easier access and efficiency of use.
  • Updated Sample Summary PDF report to be uniform with the RLI user interface view, improving the presentation of the Report Summary widget and all File Analysis Detail sections.
  • Improved upload file limit pop-up message, offering a tailored SaaS solution from the ReversingLabs portfolio that can be used to upload files with size up to 10 GB

Maintenance & Operations

  • The underlying operating system was upgraded to Rocky Linux 8, improving system stability, performance and security compliance
  • Quality improvements through a number of prioritized defect fixes

For detailed release information, please see the full release notes on the ReversingLabs Customer Portal (login required).