Our Contribution
Using different types of powerful analytics, the APL-developed REnigma tool enables cyber analysts to quickly review malware. REnigma’s Virtual Machine Record and Replay capability records detected malware and allows an analyst to evaluate it in greater detail than previously possible. The technology provides an isolated environment where code can be executed without interfering with a network, and where malware samples can be detonated in a safe place. The typically time-consuming and often expensive recovery process after a malware attack can now be done more efficiently and cost-effectively. The technology will soon be commercially available to medium and large organizations that generally need malware analysis, such as banks and government agencies.