CSI: ACE Insight

A CyberSecurity Intelligence (CSI)


E.g.: 10.1.16.32,
http://www.domain.com,
http://www.domain.com/sub/sub/sub.html,
http://www.pathtofile.com/file.exe
Url contains invalid format or characters 5 reports remaining CSI ACE Insight is a tool for assessing the current state and risk level of a web link or IP address.
CSI ACE Insight performs real-time content analysis, and then displays a report of its findings.

Files are analyzed in the Forcepoint Advanced Malware Detection™ tool, a sandbox that identifies threats and, if applicable, provides forensic details on a file's infection and post-infection behavior. File submission methods and sandboxing results vary according to user access level:

  • All Levels: The Advanced Malware Detection tool is activated whenever a link submitted to CSI ACE Insight initiates a file download.
  • Level 1 & 2: Only web-based files can be submitted to the Advanced Malware Detection tool, under the "Enter a URL/IP Address" tab. A CSI ACE Insight report is generated after analysis, indicating the severity level of any threat detected.
  • Level 3: Local files and web-based files can be submitted to the Advanced Malware Detection tool, under the "Upload a File" tab or "Enter a URL/IP Address" tab, respectively. A complete ACE Insight Report is generated after analysis, indicating the severity level of any threat detected, as well as describing any activities found in processes, the registry, and other areas of the computer.

Welcome Guest

Login

Your current level of access:

2019 Forcepoint Cybersecurity Predictions Report

The intersection of people interacting with data and technology will drive cyber risk to all-time highs, according to new insights from Forcepoint researchers and data scientists.

Latest from Security Labs Blog

LockerGoga ransomware - how it works

March 22, 2019

The first confirmed attack by the LockerGoga ransomware was in January 2019 when Altran Technologies got hit. Earlier this week the Norwegian organization Norsk Hydro become the

Attacking the internal network from the public Internet using a browser as a proxy

March 19, 2019

Though not a new attack, it is not very widely known outside of the security research community that a malicious JavaScript hosted on the public Internet can attack the internal network. Since a browser will by default have access to localhost as well as the local LAN, these public-to-private attacks can bypass not only the corporate/consumer perimeter firewall, but also the local host-based

Tapping Telegram Bots

January 17, 2019

At Forcepoint Security Labs we are always looking at the methods threat actors use to circumvent existing protections. One such investigation saw us looking into the usage of the Telegram encrypted messaging service as a Command and Control (C2) infrastructure for malware. Malware that uses Telegram as a C2 channel typically uses the