Deep Discovery Analyzer ensures optimized performance with a scalable solution able to keep pace with email, network, endpoint, and any additional source of samples.
Custom Sandboxing
Deep Discovery Analyzer performs sandbox simulation and analysis in environments that match the desktop software configurations attackers expect in your environment and ensures optimal detection with low false-positive rates.
Broad File Analysis Range
Deep Discovery Analyzer examines a wide range of Windows executable, Microsoft Office, PDF, web content, and compressed file types using multiple detection engines and sandboxing.
YARA Rules
Deep Discovery Analyzer uses YARA rules to identify malware. YARA rules are malware detection patterns that are fully customizable to identify targeted attacks and security threats specific to your environment.
Document Exploit Detection
Using specialized detection and sandboxing, Deep Discovery Analyzer discovers malware and exploits that are often delivered in common office documents and other file formats.
Automatic URL Analysis
Deep Discovery Analyzer performs page scanning and sandbox analysis of URLs that are automatically submitted by integrating products.
Detailed Reporting
Deep Discovery Analyzer delivers full analysis results including detailed sample activities and C&C communications via central dashboards and reports.
Alert Notifications
Alert notifications provide immediate intelligence about the state of Deep Discovery Analyzer.
Clustered Deployment
Multiple standalone Deep Discovery Analyzer appliances can be deployed and configured to form a cluster that provides fault tolerance, improved performance, or a combination thereof.
Trend Micro Product Integration
Deep Discovery Analyzer enables out-of-the-box integration to expand the sandboxing capacity of Trend Micro email and web security products.
Web Services API and Manual Submission
Deep Discovery Analyzer allows any security product or authorized threat researcher to submit samples.
Custom Defense Integration
Deep Discovery Analyzer shares new IOC detection intelligence automatically with other Trend Micro solutions and third-party security products.
ICAP Integration
Deep Discovery Analyzer supports integration with Internet Content Adaptation Protocol (ICAP) clients. After integration, Deep Discovery Analyzer can perform the following functions:
Work as an ICAP server that analyzes samples submitted by ICAP clients
Serve User Configuration Pages to the end user when the specified network behavior (URL access / file upload / file download) is blocked
Control which ICAP clients can submit samples by configuring the ICAP Client list
Bypass file scanning based on selected MIME content-types
Bypass file scanning based on true file types
Bypass URL scanning in RESPMOD mode
Scan samples using different scanning modules
Filter sample submissions based on the file types that Virtual Analyzer can process.