Kaibou Lab – a Malware Analysis Laboratory
For clients that wish to perform malware analysis work on their own, we offer our product, Kaibou Lab, based on our know-how in setting up a malware analysis laboratory. We provide the full design and establishment of malware analysis laboratory environments in which advanced malware analysis can be performed safely. We also provide focused training that helps our clients bootstrap their use of the laboratory by introducing and demonstrating the workflow of advanced malware analysis as well as the different analysis tools.
Kaibou Repo – a Malware Sample Repository
Ukatemi Technologies has a large repository of malware samples that we use in our malware analysis and threat intelligence services. Ukatemi Technologies would provide technology transfer to the client by delivering the blueprint of our malware repository (architecture design, software configurations, database schemas) and helping the client build a repository similar to ours.
We would also provide focused training on the operation of the Kaibou Repo, including reverse engineering and malware dissection methods.
In most cases, the ICS/OT network is
- installed and assembled by the vendor(s);
- maintained, hardware and software alike, by the vendor(s);
- owned by a company that has no visibility and little control over what is happening on it.
The ICS/OT network is often a critical system:
- legal obligations and safety and security requirements demand that the owner gain control over it;
- threats against it are emerging;
- visibility and control are the basis of prevention, detection and response.
There is no way to check or control:
- what is on the network;
- what is happening on the network.
With a software solution that is capable of passively discovering devices and information flows, network visibility increases. This increased visibility supports the company processes that aim to control the network.
Ichidoku is designed for:
- easy, almost plug-and-play deployment; and
- simple patch management.
The software is a separate, non-critical entity on the network:
- it is fully passive, its downtime does not affect other systems;
- upgrading cannot break other software or hardware and does not cause compatibility issues.
Ichidoku provides:
- passive Asset Discovery and Inventory (including configuration history);
- uncovering Vulnerable Assets;
- policy based Alerting capability (in alignment with MITRE ATT&CK); and
- holistic Anomaly Detection.
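To make the passive-visibility idea above concrete (discovering devices and information flows from observed traffic, then alerting on policy and on deviations from a learned baseline), here is a small added example. It is not Ichidoku's code and does not reflect its internals: the flow records, the allow-list policy, the 300-second baseline window and the host addresses are all constructed for illustration, and the "new asset / new flow" check is a deliberately simple stand-in for anomaly detection.

```python
"""Passive asset discovery, flow inventory and policy/baseline alerting.

Added example, not part of Ichidoku. The flow records below are constructed;
POLICY_ALLOW and the baseline window are hypothetical parameters.
"""
from collections import Counter
from dataclasses import dataclass, field


@dataclass
class Flow:
    ts: int          # seconds since start of capture (constructed)
    src: str
    dst: str
    dport: int
    proto: str       # "tcp" or "udp"


@dataclass
class Asset:
    first_seen: int
    last_seen: int
    served_ports: set = field(default_factory=set)   # (proto, port) this host answers on
    talks_to: set = field(default_factory=set)       # peers this host initiates flows to


# Constructed sample: an HMI (10.0.0.10) polling two PLCs over Modbus/TCP (502),
# an engineering station (10.0.0.20) talking to one PLC, and, late in the
# capture, an unknown host appearing and opening Modbus to a PLC.
SAMPLE_FLOWS = [
    Flow(0,   "10.0.0.10", "10.0.1.1", 502, "tcp"),
    Flow(1,   "10.0.0.10", "10.0.1.2", 502, "tcp"),
    Flow(5,   "10.0.0.20", "10.0.1.1", 502, "tcp"),
    Flow(60,  "10.0.0.10", "10.0.1.1", 502, "tcp"),
    Flow(61,  "10.0.0.10", "10.0.1.2", 502, "tcp"),
    Flow(900, "10.0.0.99", "10.0.1.2", 502, "tcp"),   # new host, new flow
    Flow(901, "10.0.0.10", "10.0.1.1", 502, "tcp"),
]

# Hypothetical policy: which (src, dst, port) triples are permitted. Anything
# outside the allow-list is reported as a policy-based alert.
POLICY_ALLOW = {
    ("10.0.0.10", "10.0.1.1", 502),
    ("10.0.0.10", "10.0.1.2", 502),
    ("10.0.0.20", "10.0.1.1", 502),
}


def build_inventory(flows):
    """Fold observed flows into an asset table and a flow counter.

    Nothing is sent on the wire: the only input is traffic already seen,
    which is what makes the discovery passive.
    """
    assets = {}
    flow_counts = Counter()
    for f in flows:
        for host in (f.src, f.dst):
            a = assets.setdefault(host, Asset(f.ts, f.ts))
            a.last_seen = max(a.last_seen, f.ts)
        assets[f.dst].served_ports.add((f.proto, f.dport))
        assets[f.src].talks_to.add(f.dst)
        flow_counts[(f.src, f.dst, f.dport)] += 1
    return assets, flow_counts


def detect(flows, baseline_seconds, policy):
    """Return (ts, kind, detail) alerts for policy violations and for assets or
    flows that never appeared during the baseline window."""
    known_assets, known_flows = set(), set()
    alerts = []
    for f in flows:
        key = (f.src, f.dst, f.dport)
        if key not in policy:
            alerts.append((f.ts, "policy_violation", key))
        if f.ts < baseline_seconds:           # still learning: record, do not alert
            known_assets.update((f.src, f.dst))
            known_flows.add(key)
            continue
        for host in (f.src, f.dst):
            if host not in known_assets:
                alerts.append((f.ts, "new_asset", host))
                known_assets.add(host)
        if key not in known_flows:
            alerts.append((f.ts, "new_flow", key))
            known_flows.add(key)
    return alerts


if __name__ == "__main__":
    inventory, counts = build_inventory(SAMPLE_FLOWS)
    for host, a in sorted(inventory.items()):
        print(host, a.first_seen, a.last_seen, sorted(a.served_ports), sorted(a.talks_to))
    for alert in detect(SAMPLE_FLOWS, baseline_seconds=300, policy=POLICY_ALLOW):
        print(alert)
```

Run as a script, the inventory lists five hosts with first/last-seen times and served ports, and the detector raises three alerts for the host that appears at second 900: a policy violation (its flow is not on the allow-list), a new asset, and a new flow. The first/last-seen fields are the seed of the configuration history the feature list mentions; a real deployment would also record protocol-level details such as observed firmware or project versions, which this example does not parse.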