Deep Malware Analysis
For any Target and Scale
Joe Sandbox is the platform for SOCs, CIRTS, CERTS and security teams. Based on Deep Malware Analysis Joe Sandbox automatically generates very detailed reports describing the malware behavior, its payload and installation. By using the detailed reports security teams can accelerate their Digital Forensics & Incident Response and do no longer need manual analysis. Extracted IOCs, OpenIOC and MISP report can be easily shared with customers and the security community.
Joe Sandbox is the platform to be integrated into Threat Intelligence Platforms. Based on Deep Malware Analysis Joe Sandbox automatically generates very detailed reports describing the malware behavior, its payload and installation. Those reports can be used to augment existing intelligence data and help to give "context" about IPs, domains, file names and hashes.
Joe Sandbox is a dynamic malware analysis system which detects malware based on its behavior. Compared to static signature detection Joe Sandbox has a much better detection rate. Security Professionals use Joe Sandbox to generically detect malware targeting Windows, Android and macOS system.
| Product | Description | Architecture |
|---|---|---|
| In-depth analysis on Windows, Android, macOS and Linux. Analysis on Virtual and Physical (bare metal) machines. Includes Decompilation and Hypervisor plugins as well as all Joe Sandbox Cloud Basic features. | ||
| In-depth analysis on Windows, Android, macOS and Linux. Analysis on Virtual and Physical (bare metal) machines. Includes Decompilation, Classification and Joe Sandbox Mail Monitor plugins. | ||
| Powerful endpoint utility for Windows which helps to analyze suspicious e-Mails, attachments and files. |
Joe Sandbox’s fully automated analysis capabilities can help analysts to quickly and safely validate software installers and mobile applications before deploying them to the corporate endpoints. Joe Sandbox deeply analyzes large software installers and automatically generates a compliance score for each investigation. Detecting vulnerable installers and preventing their installation reduces the risk of compromising your corporate network and prevents data exfiltration.
| Product | Description | Architecture |
|---|---|---|
| In-depth analysis on Windows, Android, macOS and Linux. Analysis on Virtual and Physical (bare metal) machines. Includes Decompilation and Hypervisor plugins as well as all Joe Sandbox Cloud Basic features. | ||
| Joe Lab is the industry's first Cloud-based malware analysis lab with dedicated (24x7), bare-metal machines for manual malware analysis and security testing | ||
| Joe Trace is the industry's first Hypervisor based Process Monitor for manual dynamic malware analysis and detection. Captures dropped files, PCAP and memory dumps. Features extensive Yara and Frida integrations. |
Joe Sandbox is the platform to be integrated into Firewall-, Gateway-, AV-, Next-Gen Endpoint-, Threat Intelligence- and Automated Incident solutions. Joe Sandbox analyzes any malware on Windows, Mac OS X and Android. Vendors get a very flexible tool running on Linux they can integrate easily via various APIs. Joe Security offers flexible license options with features such as Source Code ESCROW, Source Code licensing, white label branding and SLA's.