Brookcourt Solutions

ReversingLabs Technology

Unique automated static analysis technology and authoritative file intelligence services power our innovative solutions that enable security teams to combat unknown malware. Providing File Reputation and Automated Malware Analysis enabling customers to make better decisions on risk associated with content observed in networks via a low risk, completely private platform.

Features

  • Static File Analysis of Files and Objects
  • Threat Analysis and Severity Rating
  • High Speed File decomposition
  • Threat Hunting
  • Malware Analysis
  • File Reputation Service
  • Threat Intelligence
  • Reverse Engineering of Malware
  • Advanced Threat Identification
  • Zero Day Threat Analysis

Benefits

  • Find unseen Malware
  • Reduce risk of unseen Malware and prioritize SOC activities.
  • Enable threat hunting and pro-active threat defence
  • Reduce SOC costs through extensive threat reporting
  • Reduce Mean Time To Respond (MTTR) to threats
  • Provide additional insight into threats and malware
  • Reduce risk profile by identifying unseen malware
  • Increase visibility into Malware and threat capabilities
  • Improve Kill Chain processes
  • Improve orchestration and automation of threat response

Pricing

£8000 per user

  • Education pricing available

Service documents

G-Cloud 11

439865184563623

Brookcourt Solutions

Phil higgins

01737886111

charlotte.gurney@brookcourtsolutions.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints None
System requirements
  • No system requirements required for Cloud-based customers.
  • For on-premise customers - VM capable server required

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Within 24 hours
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels End User support is available at two levels – Basic and Premium. Premium support offers faster and more expansive response times.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started ReversingLabs customers provides onboarding service through our Customer Success managers to understand initial steps including provisioning of the environment, how to login, and general usage of the products they have purchased.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction For customers that deploy in the cloud, we destroy the entire cloud application. No customer data will be extracted.
End-of-contract process There is no additional cost for a customer to no longer use our service. The contract ends, they lose access.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install No
Designed for use on mobile devices No
Accessibility standards None or don’t know
Description of accessibility The service is accessible through a GUI off of an appliance or VM or through a browser if using the hosted version.
Accessibility testing None
API Yes
What users can and can't do using the API ReversingLabs offers API’s to allow customers and other manufacturers/publishers to write direct integrations to our service for bi-directional communication. I see no limit to the use of our API’s besides standard legal considerations.
API documentation Yes
API documentation formats PDF
API sandbox or test environment No
Customisation available No

Scaling

Scaling
Independence of resources The ReversingLabs platform is designed to accommodate load balancing and clustering - using this scalable architecture, ReversingLabs may choose to add additional compute to processing zones as the data rates evolve with our customer base. An individual account may be limited as needed in cases where a single client is consuming a much larger than expected data ingest volume.

Analytics

Analytics
Service usage metrics Yes
Metrics types ReversingLabs will provide customers with data usage metrics as needed.
Reporting types Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Other
Other data at rest protection approach Data at rest within ReversingLabs data centers are protected by strict physical and logical access controls. Furthermore, data is stored using RL proprietary mechanisms and RAID striping so reconstituting the data is not possible from obtaining a single disk.
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Primary data shared with ReversingLabs are files for analysis. Files can be uploaded in a shared or not share mode. It is up to user's privacy guidlelines to determine which files can be uploaded. ReversingLabs discourages upload of sensitive user files. Users can contact support@reversinglabs.com to obtain or remove any files they uploaded for analysis.
Data export formats Other
Other data export formats Binary
Data import formats
  • CSV
  • Other
Other data import formats Excel

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability SLA depends on support level chosen. ReversingLabs provides standard and premium support levels. Details available upon request. Stated availability metric is 99%; however, operationally, ReversingLabs operates at 99.9%.
Approach to resilience Information regarding our Data Resiliency and Redundancy is available upon request, however we can share hat our data platforms are both clustered and maintain failover characteristics to accommodate any failure in the various cloud providers we leverage.
Outage reporting Any unplanned outage is communicated via email with the details and expected duration (if known). Several customers have asked us to call them when this occurs, so customer engagement can be tuned as needed. There is a private dashboard on the support site.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Only specified team leads or other designates are enabled to receive communications either to or from customers regarding their security ecosystem or other customer specific data. Information is carefully managed on a need to know basis.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information No audit information available
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Security governance is based on ISO 27001 standard with aim to establish, maintain and improve effective information security management system.
Information security policies and processes We use information security policies which define how we handle the security of all IT processes.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Changes to configuration are managed centrally to enable tracking of changes.For all our services we have implemented a process which performs daily assessments of security status of all software packages on all servers. Furthermore, install and updates across all our servers are monitored through host intrusion detection service.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Vulnerability management process is integrated in life-cycle of all our products in a way that for each version of products vulnerability scans are mandatory. Vulnerability scan consists of network scans, code scans and scan on included packages. In case high or critical vulnerability is found, production is stopped until issue is resolved through patching or other mitigation techniques. Information on threats is gathered through few online resources.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Protective monitoring process is based on proactive use of IDS, SIEM and host intrusion detection tools with alerting.
Incident management type Supplier-defined controls
Incident management approach Incident management process is defined through policy which defines methods of identification, mitigation and response to security incidents. Users report incidents to IT security team through few channels, upon which team classifies the incident based on impact level and category. and starts with response. For all impact levels response time and reporting time frame is defined.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £8000 per user
Discount for educational organisations Yes
Free trial available No

Service documents

pdf document: Pricing document pdf document: Terms and conditions
Service documents
Return to top ↑