ReversingLabs Titanium Platform presents TitaniumCloud, an important threat intelligence tool that continually harvests files and intelligence information from various sources across the internet. Enriching threat intelligence data in this way makes it more actionable and relevant, drives security team efficiency, and even encourages inter-organizational collaboration since ReversingLabs makes this file and data analysis reservoir accessible to good faith actors all over the world.
Organizations struggle to improve SOC efficiency and to optimize their existing threat intelligence programs that protect their environments against high-risk threat vectors, while analysts face more alert fatigue and skillset gaps than ever. Yet, non-optimized threat hunting tools still miss threats and lack the indicators of compromise enrichments that they need to drive information value. ReversingLabs seeks to reverse these trends with three offerings that make up Titanium Platform: TitaniamCloud, which delivers reputation and intelligence; TitaniumScale, which offers a scalable and elastic hub worker module; and A1000, an investigation console complete with malware analysis.
This product focuses on growing attack vectors, specifically large destructive files and objects that are otherwise too large and complex for other analysis tools. The sheer volume of unpackers and supported formats that this product offers lets organizations process almost all data across all operating systems and application layers. It maps URLs to corresponding malware files, continuously and recursively crawling and breaking down each component so that analysts may discover every URL to which a particular malicious file has attached itself, not just the URL that delivers it into an environment initially. It also assigns every file a dynamic severity rating on a scale of 1-5, with 1 being the most benign and 5 the most severe. This rating may change depending on the results of the recursive analysis.
TitaniumCloud reveals the reasoning behind every threat determination it makes. Such transparency gives security teams confidence in all of the machine-generated insights and recommendations they receive. The platform also offers many opportunities for automation, issuing configuration recommendations with similarly transparent explanations that encourage organizations to adopt them. These explanations can offer sufficient depth and understanding of a threat to formulate customized automated responses to threats via the API.
ReversingLabs designed the A1000 dashboard to quickly digest and display monthly statistical analysis trends. It collects approximately 8 million unique threat samples daily and combines them with internal threat intelligence to gauge threat maliciousness and severity. It categorizes all platform data, highlights the most critical information, such as the top malicious family detections based on malware type, and prioritizes remediations. The metrics in the dashboard give analysts useful overviews of current environment security posture and trends over time.
Overall, security pros will find ReversingLabs Titanium Platform an exceptional threat intelligence product that delivers valuable information while maximizing actionability. It maps threats to the MITRE ATT&CK Framework to accelerate investigation and response activities, while its massive known-malware repository ensures organizations keep pace with the ever-growing threat landscape. Titanium always issues descriptions in plain language so that even analysts with less experience can actively and effectively engage in threat hunting and response. Such ease-of-use, transparency, and scalability make Titanium an attractive option for organizations of all sizes.
Pricing starts at $10,000 per year and includes 8/5 phone, email, and website support. Organizations also have access to a knowledgebase and a FAQ list, both of which are rich in content and easy-to-use.
Written by Katelyn Dunn
Tested by Tom Weil