ANY.RUN App for IBM QRadar SOAR: Faster, Smarter Incident Response
The new IBM QRadar SOAR integration enables analysts to detonate suspicious files and URLs in ANY.RUN's interactive sandbox directly from QRadar SOAR, with verdicts, behavioral logs, and indicators of compromise (IOCs) automatically pushed back into incidents. This approach streamlines triage, reduces Mean Time to Respond (MTTR), and helps SOC teams catch stealthy threats earlier.
Benefits for SOCs include:
· Lower workload and faster response through automation.
· Improved efficiency across Tier 1 and Tier 2 analysts.
· Smarter decision-making with enriched playbooks and detection rules.
· Early visibility into multi-stage and evasive attacks.
· Greater ROI from existing SOAR investments without additional infrastructure.
The ANY.RUN app is available now on the IBM App Exchange.
Threat Intelligence Lookup: Free Access to Real-World Threat Data
ANY.RUN's Threat Intelligence Lookup (TI Lookup) now includes a Free plan, providing SOC teams with real-time, actionable threat intelligence from millions of sandboxed malware sessions.
With TI Lookup Free, analysts can:
· Enrich investigations with real-world context.
· Reduce MTTR using live behavioral insights.
· Strengthen proactive defense with early visibility into emerging threats.
· Explore TTPs through the MITRE ATT&CK matrix.
· Develop and refine SIEM, IDS/IPS, and EDR rules.
The Free plan allows unlimited searches across file hashes, URLs, domains, IPs, Suricata IDs, and MITRE ATT&CK techniques. For enterprise needs, TI Lookup Premium offers expanded data, private search, YARA rule matching, alert subscriptions, and API integration.
Debian ARM Sandbox: Advanced Analysis of IoT and Embedded Threats
To address the rise of ARM-based attacks targeting IoT devices and embedded infrastructure, ANY.RUN now supports Linux Debian 12.2 (ARM, 64-bit) in its Interactive Sandbox.
This environment allows analysts to:
· Interact directly with ARM-based malware in real time.
· Detect persistence, evasion, and privilege escalation techniques.
· Trace execution paths from dropped files to command-line activity.
· Map behaviors to MITRE ATT&CK for accurate threat classification.
The Debian ARM sandbox is available to Enterprise users.
Expanded Threat Detection: New Signatures, YARA Rules, and Suricata Coverage
In July, ANY.RUN strengthened detection capabilities with:
· 163 new behavior signatures for detecting obfuscation, persistence, and stealth techniques.
· 13 new YARA rules, including coverage for BlackMatter, LockBit4, and Sinobi.
· 2,772 new Suricata rules to improve detection of phishing campaigns and data exfiltration, including Telegram-based exfiltration and fake government domains.
To get more details, visit ANY.RUN's blog.
About ANY.RUN
ANY.RUN is an interactive malware analysis and threat intelligence platform trusted by over 500,000 cybersecurity professionals worldwide. By combining real-time sandboxing, threat intelligence, and automation, ANY.RUN helps SOC teams investigate incidents faster, stop threats earlier, and strengthen defenses against evolving cyberattacks.
The ANY.RUN team
ANYRUN FZCO
+1 657-366-5050