SecondWrite brings deep learning and forced code-execution to the battle against advanced malware. Our dynamic analysis malware detector uses patented technology to find, forcibly execute and evaluate hidden code paths that other malware detectors miss. Using advanced program analysis, neural networks, and our state-of-the-art patented technology, we automatically find code sequences that characterize malware without prior signatures, thus classifying malicious program behavior and features that consistently evade competitive technology. Our product, Malware DeepView delivers deep, actionable insight into malware quickly with a lower total cost of ownership than competitive tools.
Today’s cybercriminals are using Artificial Intelligence to develop evasive malware with new behaviors that successfully defeats existing cyber- security solutions by hiding itself inside sandboxes and malware detectors and then launching cyber-attacks on live systems.
Existing sandbox based automated malware analysis systems capture indicators of compromise (IOC) based on interaction of a malware with the external environment. A lack of an ability to introspect malware leaves a severe blind spot that is exploited by malware writers to defeat such solutions. In addition, only relying on such external behavior based IOC results in insufficient differentiation between benign and malicious software, causing lots of false alerts.
Our technology leverages the fact that malware is programmed in a fundamentally different manner from regular benign software and contains several program-level obfuscations and other anti-analysis features. Using our patented technology and Deep Learning, we identify and capture IOCs based on such internal programs properties. This additional IOC spectrum results in a more reliable differentiation between benign software and malware, resulting in fewer alerts.
SecondWrite is a spinoff from University of Maryland, College Park. It is co-founded by faculty and PhDs from University of Maryland who have collaborated for over a decade in developing novel cutting-edge cybersecurity and program analysis techniques.