When a C-suite executive receives a suspicious URL, your security analyst needs a safe way to open that URL without putting your enterprise network at risk. REnigma provides an isolated environment separate from your enterprise network that allows the analyst to quickly and safely open the URL. Rest assured that you can investigate suspicious alerts in a safe manner without infecting your enterprise network.
Traditional sandboxes analyze samples during detonation. Our revolutionary Record and Replay technology makes it possible to record detonation interactively and then automatically replay and analyze every instruction, rewind to prior points to dump memory, and provide your analysts with a perfect capture for analysis. The result is unparalleled power and extreme speed to help you get deep answers fast.
By separating the capture from the analysis using Record and Replay, REnigma provides full speed interactive detonation. Our automated analysis passes can extract as much detail as the analyst needs. We present the data in an easy-to-navigate drill down presentation so that the analyst gets a high-level picture and can zoom in to uncover the important details, rather than overload the analyst with too much irrelevant data.
"REnigma is the best solution we have found for providing our analysts a tool to allow them to safely investigate malicious alerts. The ability to have complete recordings of past incidents has proven very useful as record keeping and for future analysis."
"A safe and efficient way to examine potential threats. No other solution allows the user to revisit the environment in which they need to analyze malware."
"REnigma allows me to perform forensic analysis on a throw-away system. It's always available, and I can easily construct a timeline of activity, extract network traffic, dropped files, and other artifacts."