MALWARE MONITORING

Webshark™

Monitor Malware Across Safeweb Platforms In Real Time

Webshark™ is a powerful and advanced, enterprise-class malware hunting platform, designed to detect infected Safeweb instances, helping your security team analyze and respond to attacks.

Capabilities for Every Phase
of Incident Response

Monitor

Webshark™ is powered by Digital DNA® technology, which identifies the specific behavioral traits of every process running in memory

Detect

Quickly pinpoint compromised Safeweb instances, recognize breach indicators and detect new malware attacks on instances.

Analyze

Easily collect and collate critical digital artifacts from across the entire Safeweb infrastructure memory for further analysis.

Respond

View aggregated status and support large-scale, consistent incident response by automating these operations enterprise-wide.

Malware Detection Made Easy
with Digital DNA®

Digital DNA automatically reverse engineers all code in memory and examines it for malicious behaviors. Behaviors are matched against traits from MCSI’s Malware Genome database and classified as good, bad, or neutral. Rules and weighting are applied to compute each module’s overall severity score, which is presented as part of a comprehensive threat profile. Webshark™ drills down into specific behaviors and provides fast malware insight.

Sweep Systems for
Known Indicators

Webshark™ scans are fast, and carefully designed for minimal impact on endpoint performance. These scans probe even the lowest level attributes of files, modules, resource handles, and other system objects, and can be used to search raw physical memory, the live operating system and disk volumes. Create your own scan policies or queries to scan for indicators, digital artifacts associated with the latest threats or malware behaviors.

Incident Analysis

Using scan policies, Webshark™ allows you to collect critical data to help validate prospective security incidents, providing time-slice views of system activity, including data from event logs, network connections, and the Web and prefetch caches. It provides browsable snap-shots of the file system in a Windows® Explorer-like format, including attributes and download links for every file, searchable lists of processes, modules, and services.

Download the Webshark PDF