ReversingLabs Insights™ Insights
  • Forgot your password?
By logging in, you agree that you have read and accepted the terms of service set forth in the ReversingLabs, Inc. End User License Agreement
  • ReversingLabs
  • What's new
  • Cookie Policy
  • Privacy Policy
  • End User License Agreement
ReversingLabs Insights™, 6.0.2-1   |   TitaniumCore Version: 4.0.2.0

A1000 v6.0 Release Highlights

Classification / Innovation (Tier 1 and Tier 2 Analysts, Threat Hunters, Security Analysts)

A1000 6.0 includes the latest major version of the ReversingLabs’ industry leading static analysis engine TitaniumCore 4.0.2 delivering a number of significant enhancements:

  • Indicator transparency gives a human-readable explanation for why an indicator appears within a sample analysis, helping users to better understand object intent.
  • Indicators are mapped to MITRE ATT&CK framework, an industry wide standard for describing threats and actor behaviors.
  • “Certificates” section overhaul for better metadata explainability and renaming to “Signatures”.
  • Interactive storyteller with better sample descriptions, including clickable links, enabling even novice A1000 users to pivot through RL’s extensive local and cloud data simply.
  • Predicted file names now use file metadata and construct a probable original file name, which helps users better distinguish files that only have a hash value as their file name.
  • Email files are now treated as a native identification type, delivering better support for various email formats on the A1000 appliance.
  • To receive the richer TitaniumCore 4.0.2 sample reports, samples analyzed with older versions of the engine can be easily reanalyzed with one-click operation.

Enterprise Readiness / Usability (Tier 1 and Tier 2 Analysts, Threat Hunters, Security Analysts, SOC Managers)

  • Advanced Search is now available on all A1000 appliances enabling unlimited local queries for all users, even on air-gapped systems.
  • Threat Intelligence Cards are utilising ReversingLabs’ extensive file metadata to provide an informative, educational overview and analytics on malware types and families in an easily accessible format.
  • Sample summary improvements make it easier to read the critical sample classification information at a glance. Changes include: sample summary header redesign, new analysis status tables, and reorganized sidebar menu.
  • New A1000 Dashboard YARA Widget offers users a quick insight into their local and cloud YARA matches. Matches can easily be filtered either by time or by rulesets favorited by the current user and by match source.

Integrations / Automation (SOC Managers, CISO, Administrators)

  • RL Cloud Sandbox is a new Dynamic Analysis (DA) integration that further enhances A1000’s File Analysis capabilities, delivering users better efficacy in their security outcomes. This service is based on RL’s DA API’s and is turned on by default so that A1000 files are enriched with existing DA metadata. It is possible to automate DA analysis for files with no report available.

See the full release notes on the ReversingLabs Customer Portal (login required).