Orion Malware: Advanced file-based threat detection solution

Protect your infrastructure with automated detection

Why you need Orion Malware

Detect the Most Advanced Malware

Orion Malware integrates antivirus and static analysis engines with Artificial Intelligence (AI) and dynamic analysis to spot the most advanced malware.

Reduce Analysis Time

Orion Malware saves you valuable time by carrying out in-depth threat analysis, providing detailed reports to prevent future attacks or contain them in the event of an incident

Comprehensive Analysis Reports

The analysis reports include an overall level of risk, malware tactics and techniques and the export of Indicators of Compromise (IOCs)

Awarded Solution

Orion Malware received the France Cybersecurity 2022 label that highlights cyber excellence

Protect yourself from malware

Detect the most advanced known and unknown threats

Enable massive file analysis

Built-in connectors for easy integration

Alerting supported

Discover Orion Malware 5.0!

Defend yourself against the most advanced malware

Unique advanced solution

Support all cyber teams within your organisation

- Save time with an in-depth analysis delivered in 1 minute
- Decide quickly with a global risk level and a report summary
- Understand the threat with a detailed report per engine
- Enrich your threat intelligence through IoC export
- Manage your detection policy

Enable all users to check files before using them

- Ease of use and secure access for everyone
- Drag and drop files to get a result (green or red light)
- Multi-language support and look-and-feel customisation

Automatic file analysis

- Embedded REST API and ICAP connectors for easy file collection
- Extended specific connectors for third-party tools
- Cluster architecture to handle large-scale file analysis
- Activity monitoring

Orion Malware Equips Decontamination Stations

Still have some questions?

What are the different versions of Orion Malware?

Orion Malware is available in two versions to suit your safety requirements.

An all-in-one version, including all the analysis engines for the very best in cyber detection

A multi-AV version, for rapid first-level analysis

Does Orion Malware adapt to different types of users?

Yes, Orion Malware offers two access portals to suit all types of users:

Expert Portal: Cyber security teams can access all functionalities (define the analysis workflow, search and consult full reports, export IoCs, replay the analysis, export a memory dump, etc.)

Lite Portal: Users with no prior expertise in cyber security can check files before using them if in doubt. They become involved in their organisation's cyber security efforts. The portal enables users to submit their files and obtain a simplified result.

What are the Orion Malware key features?

One single instance of Orion Malware can support many different use-cases

Support cyber teams

Automatic analysis

User file checking before use

Combined static and dynamic scanning engines based on heuristics and AI detection models

Multi antivirus engines

Agentless sandboxing (dynamic analysis) with a customisable detonation environment

Customisable dual reputation list

Advanced static analysis scanner

An open, modular platform

Configuration of analysis workflows

Customisation of the detection policy

Easy integration and support for your Threat Intelligence Services

Dedicated Expert portal for cyber teams and LITE portal for all users

REST and ICAP APIs for automated analysis

Export of analysis results in SYSLOG format for SIEM 

Threat Intelligence sharing with exports of IoCs and detection rules

What information does the analysis report contain?

Global threat indicator

Report overview

Malware behavioural analysis

Detailed report per engine

MITRE ATT&CK classification

Indicators of compromise export in multiple formats

Timeline representation of malware activities

What are the different deployment modes?

Orion Malware is available through a range of integrated servers (S, M, L, XL) that support online and offline operation and updates

Orion Malware is also available as a SaaS subscription

The Orion Malware licence does not limit the number of files you analyse

Orion Malware can be deployed in a cluster mode to handle large scale analysis

Orion Malware provides an Update Management Console which centralises update management for all instances deployed

Do you provide support and updates?

Yes, we provide continuous updating of the detection package as well as technical and functional support (FR and EN). Moreover, three training courses are available (Analyst, Expert, Administrator).

Airbus can help you integrate Orion Malware into your cyber defence chain and develop specific connectors.

Does Orion Malware support Online and Offline modes?

Yes! Orion Malware servers support Online and Offline modes.

Gorille - Orion Malware

Orion Malware relies on an innovative detection engine

  • Gorille is an innovative detection engine that performs a polymorphic analysis of executable files using AI models, formal methods and reverse-engineering.
  • It enables the detection of unknown threats and their variants with classification capability.
  • Gorille is integrated as an additional engine in the analysis workflow of the Airbus Orion Malware solution, with the aim of covering an ever wider spectrum of detection with enhanced accuracy.

Discover our partner solution: Cyber Detect

Want to know more?

Our sales team and cyber experts will be happy to provide more information or discuss your specific requirements.

Contact us

Download the Orion Malware brochure

information

Detailed information regarding our file detection and analysis solution

English brochure

French brochure

German brochure

Spanish brochure