Identify dormant and active malware threats
The Stairwell platform provides your team a one-stop-shop for ongoing deep-file static and dynamic analysis of potential malware and presents all of the information in an easy-to-use interface. Stairwell also provides file enrichment APIs that can pull information directly into your SIEM and/or SOAR.
Once your files are loaded into Stairwell via the lightweight file forwarder, they are continuously evaluated against the latest threat intelligence that includes the Stairwell platform’s shared corpus of hundreds of millions of malware samples. Potentially malicious files in your current environment are identified and matches in prior states of your environment are identified and can be re-examined. You can also set notifications for future matches.
Stairwell can compare the features of suspicious files against the overall file corpus of your organization and highlight any files that look similar to the bad ones. The deep-file analysis capabilities of Stairwell help your investigators analyze these matches for maliciousness.
You can also use the Stairwell platform to analyze files from systems that you believe were infected on an ad hoc basis.
The deep-file analysis capabilities of Stairwell help your investigators analyze these matches for maliciousness.