Xandora is an advanced analysis system that provides a detailed report of what a submitted file does when executed in a monitored Windows environment. Xandora combines dynamic (behavioural) analysis with static analysis, then applies sophisticated deterministic algorithms to identify potentially malicious files, whether or not they are detected by antivirus signatures.
By executing files in native Windows, Xandora does not rely on emulation. Emulated environments are easily detected by malware and deliver misleading results. By monitoring malware behaviour in a full native Windows environment, Xandora can deliver a more complete and thorough analysis than other methods. In addition, Xandora extracts full network traffic results, providing additional valuable information about where and how malware is attempting to communicate over the Internet. Xandora combines this dynamic behavioural analysis with static analysis of the file attributes, and integrates it with corollary information from external sources, such as VirusTotal. From the combined results, Xandora determines whether or not a given file should be considered suspicious or malicious, to what extent, and why. This is the next generation of detection after antivirus, where there is no dependency on existing signatures, or the need to have seen and analysed a similar file previously.
Xandora's determination of maliciousness is the X-Score. The X-Score provides a single numerical rating of a file's maliciousness derived from its behaviour and static analysis, independent of whether it has been seen before or whether AV signatures exist.
For more information about how Xandora analysis and threat data feeds can be integrated into your security solutions, or enhance your organisation's security posture, Contact Us or read more about Xandora services here.