Cuckoo Sandbox vs. Reality

The problem: Having to analyse several hundred thousand potential malware samples every day. The solution: Building a scalable system that has detailed information about sample behavior and functionality with the help of Cuckoo Sandbox.

Problem

We get several hundred thousand potential malware samples every day, a number that increased when we began to detect even more by developing our Avira Protection Cloud technology. In the Avira Protection Lab, one of our primary tasks is to classify the samples and analyse their behavior, either for inclusion in our virus database or for repair. With this many samples, it is of course impossible to do it all manually.

Solution

Our solution was to build a scalable system with detailed information about sample behaviors and functionalities. This system needed to be fully automated and reliable. To achieve that, one of the tools we are now using is Cuckoo Sandbox.

Cuckoo Sandbox

http://www.cuckoosandbox.org/

Continue to the full article at AVIRA