Security firm NetWitness today announced Spectrum, an appliance for enabling automated malware analysis that works in conjunction with the company's traffic-analysis gear used to spot threats and policy violations.
The Spectrum appliance is intended to sit at the internet gateway to examine inbound/outbound network traffic and it can find inbound evidence of "an executable and inappropriate file," or outbound botnet activity, according to Eddie Schwartz, NetWitness chief security officer. "It's another application on top of our infrastructure."
While Spectrum doesn't block suspected inbound malware, it can issue a warning to the security manager about suspicious traffic and enables the NetWitness NextGen equipment to keep track of potential malware code and where it's going in real-time, the company says.
"You can get a profile of how malware moved around the organization," says Schwartz.
Spectrum is intended to compete with products from Damballa and FireEye.