The US Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Malware Next-Gen Analysis platform to provide automated malware analysis support to a wide range of users.

Description

CISA has expanded its Malware Next-Gen Analysis platform to offer automated malware analysis support to federal [6], state [4] [6], and local government agencies [4] [6], as well as any organization, security researcher [1] [5], or individual with a login.gov account. The tool [3] [4], initially available only to .gov and .mil organizations [4], has seen almost 400 registered users submit over 1,600 files since November 2023. CISA has identified approximately 200 suspicious files or URLs out of the 1,600 submissions [5], assisting in combating cybercrime.

Users can submit suspicious files [1], URLs [4] [5] [6] [7], and IP addresses for analysis, with the option of anonymous submission for those who prefer not to register. Registration requires a login.gov account, and only registered users can access the full system and receive analysis results [6]. Users must consent to monitoring for improved threat hunting and incident response capabilities.

The platform uses dynamic and static analysis tools within a secure US government system to determine whether submitted samples are malicious, providing timely information on new malware samples in PDF and STIX 2.1 data formats. This enhances AI-powered threat-hunting capabilities and aids enterprises in defending against cyber attacks. The platform automates analysis of newly identified malware to bolster cyber defense efforts [2], handling the increasing workload of cyber-threat analysis with multilevel containment capabilities. It has been well received for democratizing cybersecurity [3], enabling small organizations and individuals to access sophisticated malware analyses [3].

Conclusion

CISA’s Malware Next-Gen platform has had a positive impact on the cybersecurity community by providing advanced malware analysis to a wide range of users. By democratizing cybersecurity [3], the platform allows small organizations and individuals to access sophisticated analyses of malware content [3]. Moving forward, CISA encourages all organizations [1], security researchers [1] [5], and individuals to register and submit suspicious files for analysis to enhance cyber defense efforts and prevent cyber threats.

References

[1] https://ciso2ciso.com/cisa-makes-its-malware-next-gen-analysis-system-publicly-available-source-www-bleepingcomputer-com/
[2] https://cyber.vumetric.com/security-news/2024/04/11/cisa-makes-its-malware-next-gen-analysis-system-publicly-available/
[3] https://www.443news.com/2024/04/cisa-opens-its-malware-analysis-and-threat-hunting-tool-for-public-use/
[4] https://www.csoonline.com/article/2089512/cisa-opens-its-malware-analysis-and-threat-hunting-tool-for-public-use.html
[5] https://www.darkreading.com/vulnerabilities-threats/cisa-s-new-malware-analysis-platform-could-enable-better-threat-intelligence
[6] https://cybermaterial.com/cisa-malware-analysis-expansion/
[7] https://gbhackers.com/malware-next-gen/