RL Spectra Advanced File Analysis and Malware Detection Suite Updates

ReversingLabs Blog
ReversingLabs has announced new features for its Spectra Analyze (formerly A1000) and Spectra Detect (formerly Titanium Scale) products.
These updates aim to improve the quality and efficiency of the platform to stay ahead of the evolving threat landscape.
Spectra Analyze v9.1 Release Highlights:
1) Network Threat Intelligence Improvements:
– New Network Summary Page: Redesigned interface for at-a-glance visibility of key network findings, including Passive DNS, WHOIS, ASN, and certificates.
– URL Analysis Added for Spectra Sandbox: Perform URL analysis in the built-in cloud sandbox, providing additional URL metadata and screenshots from dynamic detonations.
2) Search and Threat Hunting Enhancements:
– Group Keywords: Expanded set of familiar keywords, including new group keywords (certificate, certificate-country, document, section, segment, and software) to simplify the process of finding interesting samples.
– YARA Matched Strings in HEX Preview: Visualizes which part of the binary was matched by a given YARA rule, allowing threat hunters to quickly view the exact location of the matched string sections in the HEX preview.
Spectra Detect v5.1 Release Highlights:
1) Private YARA Retro Hunting:
– Conduct retro-YARA queries against private, enterprise-specific files at scale.
– Run retro hunts against local or remote storage, enabling complete incident response workflows and allowing IR teams to retroactively investigate potentially compromised files by rapidly rescanning key historical files with updated YARA rules.
ReversingLabs continues to work on improving and enhancing their solutions to meet and exceed their customers’ needs and expectations.
Link: https://www.reversinglabs.com/blog/rl-spectra-advanced-file-analysis-and-malware-detection-suite-updates

