Monitor Malware Across Safeweb Platforms In Real Time
Webshark™ is a powerful and advanced, enterprise-class malware hunting platform, designed to detect infected Safeweb instances, helping your security team analyze and respond to attacks.
Webshark™ is powered by Digital DNA® technology, which identifies the specific behavioral traits of every process running in memory
Quickly pinpoint compromised Safeweb instances, recognize breach indicators and detect new malware attacks on instances.
Easily collect and collate critical digital artifacts from across the entire Safeweb infrastructure memory for further analysis.
View aggregated status and support large-scale, consistent incident response by automating these operations enterprise-wide.
Digital DNA automatically reverse engineers all code in memory and examines it for malicious behaviors. Behaviors are matched against traits from MCSI’s Malware Genome database and classified as good, bad, or neutral. Rules and weighting are applied to compute each module’s overall severity score, which is presented as part of a comprehensive threat profile. Webshark™ drills down into specific behaviors and provides fast malware insight.
Webshark™ scans are fast, and carefully designed for minimal impact on endpoint performance. These scans probe even the lowest level attributes of files, modules, resource handles, and other system objects, and can be used to search raw physical memory, the live operating system and disk volumes. Create your own scan policies or queries to scan for indicators, digital artifacts associated with the latest threats or malware behaviors.
Using scan policies, Webshark™ allows you to collect critical data to help validate prospective security incidents, providing time-slice views of system activity, including data from event logs, network connections, and the Web and prefetch caches. It provides browsable snap-shots of the file system in a Windows® Explorer-like format, including attributes and download links for every file, searchable lists of processes, modules, and services.