Government , Industry Specific , Security Operations

US CISA Aims to Expand Automated Malware Analysis Support

US Cyber Defense Agency Scales Next-Generation Malware Analysis Platform
US CISA Aims to Expand Automated Malware Analysis Support
The U.S. Cybersecurity and Infrastructure Security Agency opened up access to a malware analysis system to partner agencies.

The U.S. Cybersecurity and Infrastructure Security Agency is aiming to provide automated malware analysis support to all federal, state and local government agencies with a new version of its next-generation information system.

See Also: GovExec: Pillars of Modernization

The agency on Wednesday announced wider availability of its Malware Next-Generation Analysis platform.

Any agency that partners with CISA can submit samples of malware and suspicious artifacts for review. "Effective and efficient malware analysis helps security professionals detect and prevent malicious software from enabling adversary access to persistence within an organization," said Eric Goldstein, CISA executive assistant director for cybersecurity.

Goldstein said the malware analysis platform "enables CISA's cybersecurity threat hunting analysts to better analyze, correlate, enrich data, and share cyber threat insights with partners."

The platform conducts automatic scans and analysis of submitted samples and then provides CISA analysts and members of the operations community with multilevel containment capabilities. Nearly 400 registered users have submitted more than 1,600 samples for review since the analysis platform first became available to federal and military agencies in November, according to CISA.

CISA says the automated malware analysis is a combination of static and dynamic analysis running in a secure U.S. government system that provides results in PDF and STIX 2.1 data formats.

The agency says its Malware Next-Gen Analysis platform identified approximately 200 suspicious or malicious files and URLs from those samples.

Anyone can submit malware samples to the platform, even anonymously, but only registered users can access the full system and receive analysis results. Registration to the updated platform requires a account.

About the Author

Chris Riotta

Chris Riotta

Managing Editor, GovInfoSecurity

Riotta is a journalist based in Washington, D.C. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president. His reporting has appeared in NBC News, Nextgov/FCW, Newsweek Magazine, The Independent and more.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.