Automated Malware Analysis

Next-Generation APT Intelligence

  • April 01, 2013
  • Claudio Guarnieri

We are at war. There's no doubt about it.

Highly sophisticated cyber-attacks and cyber-conflicts are happening on a daily basis. Big corporations, news agencies and government agencies all around the world are getting hacked. A new threat is arising, more sophisticated, more resilient and way more scary.

0day vulnerabilities, undetectable malware and stealthy lateral movements make the attackers of 2013 an unprecedented adversary that traditional security products and tactics can't do anything against. Among us experts we commonly define this threat as APT and, trust us, there's nothing you can do about it either. At this very moment, they are the number 1 threat to every organization and individual on the in-ter-net, as shown by the following graph:

/assets/images/blog/atp-intelligence/402xVu1.png

Coming from our long experience dealing with malware, sandboxing and making your lives easier, we decided to apply our knowledge to a new cutting-edge product that will help you deal with APT: identify it, block it and disrupt your adversary! As a result, we are thrilled to announce the release of Dragon Sandbox:

/assets/images/blog/atp-intelligence/XlWs3Hp.png

Dragon Sandbox is a unique and invaluable product. It leverages the amazing malware analysis and automation capabilities of Cuckoo Sandbox and expands them with features that will radically change the way you approach security. Dragon is able to process your incoming queue of malware and suspicious files and, completely automatically, analyze, identify, isolate and defeat APT 0day malware and effectively protect your organization.

Protect from APT now!

Some of the key features are:

  • Automatically digest suspicious artifacts from your mailserver, fileserver, instant messaging and even from your workstations.
  • Automatically analyze all suspicious artifacts, trace their behavior, their network operations and dynamically dissect and identify known and unknown malicious patterns.
  • Automatically identify and isolate 0day APT threats and block them from spreading across your network, effectively protecting your perimeter and your assets!
  • Automatically identify the attackers behind the identified attacks, profile them and localize them geographically.
  • Authorize and deploy counter-intelligence and cyber-warfare operations.

Following are some amazing examples of the functioning of this incredible technology. In this picture you can see the automatic APT detection feature in place, provided by our patented APT-o-Meter®:

/assets/images/blog/atp-intelligence/9OGZIml.png

As mentioned, Dragon Sandbox is able to automatically isolate sophisticated from unsophisticated threats, so that you know what you should really be concerned about and forget about decadent, inefficient and outdated cybercrime incidents. Our APT-o-Meter® combines unique quantum algorithms with our unmatched knowledge of 0day APT threats, to provide an automatic detection and prevention solution to undetectable malware.

Along with it, we bring our exclusive Orbital Battle Station® (OBS) embedded into Dragon Sandbox. The OBS is able to leverage the continuous undercover intelligence gathering and analysis activities of our researchers and of our hidden sensors around the world, in order to automatically identify the attacker:

/assets/images/blog/atp-intelligence/QycZkUkl.png

In this way, you have all the information needed to make an informed decision on how to respond to the attack and possibly take the chance to disrupt the attacker's operation by leveraging our counter-* capabilities.

Dragon Sandbox represents a unique solution that you won't be able to find matched anywhere else in the industry. Take the upper hand, retake control over your security and finally manage to defeat APT once and for all!

Since we care about the community and the safety of the Internet, Dragon Sandbox will be available for free for a limited amount of time, after which it will be provided as a commercial solution for an indefinite amount of money that you certainly will want to pay.

Get it now and fork it from our github repository!
