Safe
As a SOC analyst responding to an alert or a malware analyst digging in deep on a sample, you need a safe way to open malicious files and URLs without putting your organization's network at risk. REnigma provides an isolated environment separate from your network that allows the analyst to quickly and safely open malicious samples. Rest assured that you can investigate suspicious alerts or dangerous malware in a safe manner without infecting your network.
Powerful
Traditional sandboxes analyze samples during detonation. Our revolutionary Record and Replay technology makes it possible to efficiently first record detonation, capturing every instruction that executes. Then, use replay for deep analytics down to the instruction, rewind to prior points to dump memory, and create custom analytics with the API. The result is unparalleled power that ensures no question is unanswered and that the malware has nowhere to hide.
Easy to Use
By separating capture from the analysis using Record and Replay, REnigma provides full speed detonation. This makes the user experience unmatched in interactive workflows and increases speed of automated workflows. The separation also makes it easy to extract as much detail as the analyst needs but no more. We present the data in an easy-to-navigate drill down presentation so that the analyst gets a high-level picture and can zoom in to uncover the important details, rather than overload the analyst with too much irrelevant data.