Orion Malware, advanced file detection and analysis solution
Orion Malware detects known and unknown file-based attacks using a range of analysis engines combining heuristics, a signature database, AI and dynamic analysis.
Orion Malware performs 3 essential functions:
- Detect and analyse known and unknown threats
- Secure your information systems by sharing indicators of compromise
- Support all your teams involved in cyber protection
Detect the most advanced malware
The experts at Airbus Defence and Space Cyber have designed Orion Malware by integrating antivirus software and developing static analysis engines with Artificial Intelligence (AI), and dynamic analysis engines with the aim of spotting the most advanced malware.
Save analysis time
Orion Malware saves you valuable time by performing an in-depth analysis of the threat and providing detailed reports including an overall level of risk, malware tactics and techniques as well as the export of Indicators of Compromise (IOCs) to prevent future attacks or contain them in the event of an incident. Analysis results can be sent automatically via our syslog connector to various tools in your Cyber detection chain.
Key Benefits & Features
Easy integration and support for your Threat Intelligence services
- Specific web portals for file analysis and solution administration functions
- REST and ICAP APIs for automated analysis from your network devices
- Export of analysis results in SYSLOG format for SIEM alerting (Splunk, QRadar, ELK)
- Threat Intelligence sharing with export of IOCs and detection rules in STIX 2.1, MISP, CSV and OpenIOC formats
- 100% functional solution in disconnected mode for isolated environments
- Secure your attachments with the Orion Malware connector for MS-Exchange
- Integration with HarfangLab EDR
Available in two versions to suit your security needs
Orion Malware is available in an ‘All in One’ version including all analysis engines for the best in cyber detection and in a ‘Multi AV’ version for rapid first-level analysis.
Orion Malware adapts to your security requirements
Deployable on a physical server or as SaaS, Orion Malware supports all your cybersecurity teams and adapts to each business use case: SOC, CSIRT/CERT or IT.
- Orion Malware has a range of integrated servers (S, M, L, XL)
- Orion Malware is also available in SaaS subscription format
- Continuous updating of the detection package (antivirus databases, heuristics, machine learning models, dynamic analysis templates)
- Technical and functional support (FR/EN). Three training courses available (Analyst, Expert, Administrator)
- Airbus can help you integrate Orion Malware into your cyber defence chain and develop specific connectors.
Want to know more?
Our sales team and cyber experts will be happy to provide more information or discuss your specific requirements.
Contact Us
