Allows to see the malware from the inside
tLab system is a corporate local service for safe and remote analysis of suspicious objects. Practically tLab produces an autonomous analysis of program behavior and identifies malicious functionality in a local cloud. The system allows to automate the process of analyzing the behavior of any program and identify in them signs of malicious functions.
The system allows to upload executable files or objects that contain executable code (eg, PDF document). The system then runs the objects in an isolated environment, monitors program activity in real time, detects potentially malicious functionality and automatically produces a full interactive report. It uses a unique deep behavioral analysis technology of the application's functionality, which will allow to detect complex or hidden malicious activity.
The system has the following technological advantages:
- Tracks data flow from the source to the target that allows for the administrator to see hidden attacks and distinguish false alarms;
- The ability to detect distributed attacks;
- Code level process control (whitelists) to unambiguously identify illegitimate activity.
and activation of a malicious object
Automatic launch of the investigated executable in an isolated environment, where system behavior of objects is monitored
User activity simulation in an isolated environment in analysis mode to activate malware that requires user interaction
Of activity by an expert
Generation of interactive reports varying in levels of detail and information content
Automatic estimation of threat level for the analyzed object and verdict recommendation for the expert