Threatray’s new endpoint memory scanner is used by CERN alongside its intelligence platform.
We are proud to announce today that CERN is now using Threatray to classify and detect advanced malware threats.
CERN, the European Laboratory for Particle Physics, is one of the largest research centers in the world. Its primary mission is to study the fundamental properties of the universe and contribute to ground breaking discoveries that have far-reaching implications for both physics and other scientific fields. It is also the birthplace of the World Wide Web, where Tim Berners-Lee, a British scientist, invented it in 1989. It was originally conceived and developed to meet the demand for automatic information-sharing between scientists in universities and institutes around the world.
Such status attracts advanced targeted threats from financially and politically motivated actors who often leverage mutated malware to bypass existing defenses. Threatray’s new endpoint memory scanner identifies suspicious code in process memory and runs it through its malware analytics and intelligence platform. Threatray’s core engine then performs code reuse analysis and identifies malware variants with a high degree of resilience.
This novel approach addresses the shortcomings of traditional detonation (sandboxing) in endpoint detection as the latter does not work on file-less in memory threats and re-detonation of malware already detonated on the endpoint is often ineffective.
We look forward to supporting CERN in their defense against such attacks and greatly value this partnership as new data and samples will also accelerate our research in the field.