Explore Joe Security Cloud Basic Accounts Subscribe to our Newsletters Contact Us
top title background image

Joe Security's Blog

Joe Sandbox + Phantom

Good news! You now can use Joe Sandbox in the Phantom: Security Automation and Orchestration Platform! What is Phantom exactly? It is an awesome tool to intelligently combine and automate various security products to build a full incident response chain: There are already a huge number of apps that use Phantom: The configuration of the Joe Sandbox app is very simple. Just add your API key: The aforementioned combination and automation is then done via so-called playbooks. Let us have a look at the Joe Sandbox playbook: In the playbook you choose various actions (from start to end). Actions are directly related to the apps.


Brief technical Analysis of Wannacry Ransomware Worm v2

Last Friday, May 12th 2017 cyber criminals started to spread a new ransomware. The malicious code was not highly sophisticated, it was using a recently patched SMB bug (MS17-010 also known as ETERNALBLUE) to spread. The remotely exploitable SMB bug was part of an NSA leaks series and affected XP up to Windows Server 2012. Windows 10 is not affected.


Behavior Graph 2.0

Besides working on new and deep malware analysis features we also continuously improve and extend the visualizations. Visualizations help to understand complex data very quickly and also to separate noise from interesting data. So far Joe Sandbox generates the following visualizations: Classification (Spider Chart) Behavior Graphs IP to Country World Map CPU and Memory Statistics Behavior Distribution Execution Graphs Recently have added some cool new features to the Behavior Graph. In this blog post, we outline some of them.


Older Posts