Cythereal MalWeb

Cythereal MalWeb is a cloud-based, automated malware analysis platform that discovers connections between malware samples to construct a relational "malware web." It is built on research from the DARPA Cybergenome program and uses "malware DNA" derived from malware code to identify deep and hidden links between samples that traditional antivirus solutions do not surface. Unlike conventional anti-malware tools that provide point-in-time information about individual malware, MalWeb maps the relationships between malware across time and geography. This enables network defenders to gain situational awareness of the threat environment, receive early warning of targeted attacks in progress, and reconstruct attack chains for incident response and forensic investigation. MalWeb can be deployed within an organization's own data center to maintain data confidentiality. It exposes a RESTful API to allow integration into existing organizational workflows and supports customization. Multiple MalWeb installations can be interlinked to form cybersecurity information-sharing networks, which can be scoped to a single company, an industry sector, a geographic region, or made public. Cythereal operates a MalWeb Hub intended to aggregate daily malware feeds from global sources and distribute situational awareness reports on the global threat environment.