CSI: ACE Insight

A CyberSecurity Intelligence (CSI)


E.g.: 10.1.16.32,
http://www.domain.com,
http://www.domain.com/sub/sub/sub.html,
http://www.pathtofile.com/file.exe Url contains invalid format or characters 5 reports remaining CSI ACE Insight is a tool for assessing the current state and risk level of a web link or IP address.
CSI ACE Insight performs real-time content analysis, and then displays a report of its findings.

Files are analyzed in the Forcepoint Advanced Malware Detection™ tool, a sandbox that identifies threats and, if applicable, provides forensic details on a file's infection and post-infection behavior. File submission methods and sandboxing results vary according to user access level:

  • All Levels: The Advanced Malware Detection tool is activated whenever a link submitted to CSI ACE Insight initiates a file download.
  • Level 1 & 2: Only web-based files can be submitted to the Advanced Malware Detection tool, under the "Enter a URL/IP Address" tab. A CSI ACE Insight report is generated after analysis, indicating the severity level of any threat detected.
  • Level 3: Local files and web-based files can be submitted to the Advanced Malware Detection tool, under the "Upload a File" tab or "Enter a URL/IP Address" tab, respectively. A complete ACE Insight Report is generated after analysis, indicating the severity level of any threat detected, as well as describing any activities found in processes, the registry, and other areas of the computer.

Welcome Guest

Login

Your current level of access:

Latest from X-Labs Blog

Subscribe to RSS
    

Effective Content Disarm and Reconstruction

March 15, 2023

Content Disarm and Reconstruction ( CDR ) is an old technique, used by defence systems to protect themselves from malware. The idea is to deconstruct a file into its parts, remove any parts that are executable code or scripts, and then reconstruct the file, making adjustments needed to accommodate any missing bits.
 
    

Ransomware and How to Stop It

March 7, 2023

The ransomware plague seems to be unstoppable. Everyone is suffering – businesses, healthcare, utilities, and governments. It’s about making money, and the perpetrators don’t seem to care who gets hurt in the process. But why hasn’t the cybersecurity industry fixed the problem? It’s not like it’s a new thing.
 
    

Examining the Recent ClamAV Security Flaw

March 6, 2023

ClamAV , the open source anti-virus software that’s valuable to so many, recently fixed a vulnerability that might allow an attacker to get their code running in a privileged context. Typically, an anti-virus engine doesn’t usually need to understand the files it checks, it just compares the bytes against its list of known malware signatures.