In-house malware repository and laboratory

Developing cyber defense capabilities such as malware analysis is important for actively securing critical infrastructures, reducing vulnerabilities, and improving collective safety and crisis management.


What does it do?

The number and efficiency of cyber attacks grow continuously. Modern cyber weapons can be just as damaging as conventional weapons, which is why cyberspace became the 4th operational area. Targeted attacks here are predominantly malware-based, and well-trained government actors with diverse geopolitical backgrounds must be considered.
Some organisations cannot rely solely on IT partners; they have to develop their own defense capabilities and upgrade their own security postures. Ukatemi’s Kaibou products and complementary services provide a flexible yet firm solution.

Kaibou Repo

A huge set of malware samples: 600 000 000 malware samples (~700 TB) inspected, which can be read at 1 GB/sec and searched with 20 ms latency. The architecture of this repository is based on an extensible Hadoop cluster that enables further scalability. Kaibou Repo offers multiple search options, including search by sample hash, by sample similarity (TLSH) and by YARA rules, so when an attack occurs, you won’t lose valuable moments.

Kaibou Lab

Kaibou Lab is a modular and scalable architecture that enables parallel analysis and generates semi-automated reports in a completely safe sandbox environment where advanced malware analysis can be performed. Kaibou Lab supports workflows such as unpacking and de-obfuscating malware samples and artifacts, static and dynamic program analysis, and creating analysis reports. Traditional IT solutions won’t be effective in these cases, since recent malware consists of complicated and smart programs.

Experience in the most important industries