Orion Malware: Advanced file-based threats detection solution
Protect your infrastructure with automated detection
Why you need Orion Malware
Protect you from malwares
Detect the most advanced known and unknown threats
Enable massive file analysis
Build-in connectors for easy integration
Alerting supported
Discover Orion Malware 5.0!
Defend yourself against the most advanced malwares
Unique advanced solution
Support all cyber teams within your organisation
- Save time with an in-depth analysis delivered in 1 minute
- Decide quickly with a global risk level and a report summary
- Understand the threat with detailed report per engine
- Enrich your threat intelligence through IoC export
- Manage your detection policy
Enable all users to check files before using them
- Ease of use and secure access for everyone
- Drag and drop files to get a result (green or red light)
- Support multi-langage and look & feel customisation
Automatic file analysis
- Embedded REST API and ICAP connectors for easy file collecting
- Extended specific connectors for third party tools
- Cluster architecture to handle large file scale analysis
- Activity monitoring
Orion Malware Equips Decontamination Stations
Still have some questions?
What are the different versions of Orion Malware?
Orion Malware is available in two versions to suit your safety requirements.
An all-in-one version, including all the analysis engines for the very best in cyber detection
A multi-AV version, for rapid first-level analysis
Does Orion Malware adapt to different types of users?
Yes, Orion Malware offers two access portals to suit all types of users:
Expert Portal: Cyber security teams can access all functionalities (define the analysis workflow, search and consult full reports, export IoCs, replay the analysis, export a memory dump, etc.)
Lite Portal: Users with no prior expertise in cyber security can check files before using them if in doubt. They become involved in their organisation's cyber security efforts. The portal enables users to submit their files and obtain a simplified result.
What are the Orion Malware key features?
One single instance of Orion Malware can support many different use-cases
Support cyber teams
Automatic analysis
User file checking before using
Combined static and dynamic scanning engines based on heuristics and AI detection models
Multi antivirus engines
Agentless sandboxing (dynamic analysis) with customisable environment of detonation
Customisable dual reputation list
Advanced static analysis scanner
An open, modular platform
Configuration of analysis workflows
Customisation of the policy of detection
Easy integration and support for your Threat Intelligence Services
Dedicated Expert portal for cyber teams and LITE portal for all users
REST and ICAP APIs for automated analysis
Export of analysis results in SYSLOG format for SIEM
Threat Intelligence sharing with exports of IoCs and detection rules
What information does the analysis report contain?
Global threat indicator
Report overview
Malware behavioural analysis
Detail report per engine
MITRE ATT&CK classification
Indicators of compromise export in multiple formats
Timeline malware activities representation
What are the different deployment modes?
Orion Malware is available through a range of integrated servers (S, M, L, XL) that are compatible with online and offline functioning and update
Orion Malware is also available as a SaaS subscription
The Orion Malware licence does not limit the number of files you analyse
Orion Malware can be deployed in a cluster mode to handle large scale analysis
Orion Malware provides an Update Management Console which centralises update management for all instances deployed
Do you provide support and updates?
Yes we provide continuous updating of the detection package as well as technical and functional support (FR and EN). Moreover, three training courses are available (Analyst, Expert, Administrator).
Airbus can help you integrate Orion Malware into your cyber defence chain and develop specific connectors.
Does Orion Malware support Online and Offline modes?
Yes! Orion Malware servers support Online and Offline modes.
Orion Malware rely on innovative detection engine
- Gorille’ is an innovative detection engine that performs a polymorphic analysis of executable files using AI models, formal methods and reverse-engineering.
- It enables the detection of unknown threats and their variants with classification capability.
- Gorille is integrated as an additional engine in the analysis workflow of the Airbus Orion Malware solution, with the aim of covering an ever wider spectrum of detection with enhanced accuracy.
Discover our partner solution: Cyber Detect
Download the Orion Malware brochure
information
Detailed information regarding our file detection and analysis solution
English brochure
Orion Malware - English
French brochure
Orion Malware - French
German brochure
Orion Malware - German
Spanish brochure
Orion Malware - Spanish
- English brochure
- French brochure
- German brochure
- Spanish brochure
Orion Malware - English
Orion Malware - French
Orion Malware - German
Orion Malware - Spanish
Our Other Cyber Solutions
-
CyberRange: Advanced Simulation and Training Solution
CyberRange is an integration and simulation platform which allows you to build complex virtual and physical systems to simulate…
-
Ectocryp: High-Grade Encryption Services for Defence and Security
Ectocryp, from Airbus Defence and Space Cyber enables reliable and safe delivery of high-grade crypto information in voice, data…
-
Secure Gateway: Protecting Inter-level Exchanges
Analyse information flows and control their distribution with a high level of confidence thanks to our Gateway capabilities.
-
Tactical SOC Platform: advanced cyber defence solution
Defence organisations need to be ready to detect, investigate and respond to cyber attacks in all terrains, including the most…
-
CymID: Identity Management and Authentication Solution
CymID is designed to fit seamlessly into your small and medium-sized systems and integrates IAM, provisionning and SSO functions.
