Orion Malware: Advanced file-based threats detection solution

Orion Malware is available in two versions to suit your safety requirements.

An all-in-one version, including all the analysis engines for the very best in cyber detection

A multi-AV version, for rapid first-level analysis

Yes, Orion Malware offers two access portals to suit all types of users:

Expert Portal: Cyber security teams can access all functionalities (define the analysis workflow, search and consult full reports, export IoCs, replay the analysis, export a memory dump, etc.)

Lite Portal: Users with no prior expertise in cyber security can check files before using them if in doubt. They become involved in their organisation's cyber security efforts. The portal enables users to submit their files and obtain a simplified result.

Combined static and dynamic scanning engines based on heuristics and AI detection models

5 antivirus engines

Dynamic analysis

Customisable dual reputation list

Advanced static analysis scanner

An open, modular platform

Configuration of analysis workflows

Management of dynamic and behavioural heuristics, IA models

Easy integration and support for your Threat Intelligence Services

Specific web portals

REST and ICAP APIs for automated analysis

Export of analysis results in SYSLOG format for SIEM 

Threat Intelligence sharing with exports of IoCs and detection rules

... and more!

Global threat indicator

Malware behavioural analysis

MITRE ATT&CL classification

Indicators of compromise

Orion Malware has a range of integrated servers (S, M, L, XL) that suit all your cyber needs.

Orion Malware is also available as a SaaS subscription.

Yes we provide continuous updating of the detection package as well as technical and functional support (FR and EN). Moreover, three training courses are available (Analyst, Expert, Administrator).

Airbus can help you integrate Orion Malware into your cyber defence chain and develop specific connectors.

Yes! Orion Malware servers support Online and Offline modes.