IMSVA integrates with
Virtual Analyzer in Deep Discovery Analyzer, which is a separately licensed product
that
provides on-demand analysis of file and URL samples.
IMSVA sends suspicious messages, including attachments, to
Virtual Analyzer for further analysis. If Virtual Analyzer scanning is enabled for
certain attachment file types, messages with those attachments are also sent to Virtual
Analyzer. Virtual Analyzer performs content simulation and analysis in an isolated
virtual environment to identify characteristics commonly associated with many types
of
malware.
In particular, Virtual Analyzer checks if files attached to messages
contain exploit code. Although many files include non-executable
data, attackers find ways to cause such files to exploit vulnerabilities
in programs and operating systems that run them. Because of this,
sending malicious files to target users has become an effective
way for attackers to compromise systems.