DOCGuard is a malware analysis service provided to security researchers, analysts and academics. Using its breakthrough analysis engine, Docguard can analyze files in seconds and detect all known attack methods without missing them.
What is Docguard?
Docguard performs a new type of static analysis called structural analysis. Structural analysis parses malware and passes it to core engines based on its components. With the help of this approach, DOCGuard can precisely detect malware, extract F/P free IOCs from strings, and identify obfuscation and encryption in the form of string encoding and document encryption.
Detect All Attack Techniques
Docguard can detect all known attack methods without missing them.
Reduce Your Malware Analysis Wait Time
Docguard can analyze files in seconds using its breakthrough analysis engine.
Close the Gaps in Your Email Security Gateway
Gartner strongly recommends that Email Security Annexes are needed if an organization has a specific use case or if a particular type of advanced threat is prevalent. Also, Docguard should be considered as an additional layer of defense.
Easy Alert Triage
Docguard helps automate the verification of alerts from different sources such as SOAR solutions, SIEM or Phishme, Cofense, etc.
Fast and Scalable
Docguard analyzes samples in seconds with incredibly low system resources.
Simple Deployment and Integration
You can easily deploy Docguard by deploying a Docker container and integrate it into your cybersecurity ecosystem in minutes using the API interface.
Simple Malware Analysis
Docguard can detect all advanced threats such as VBA Stomping, Excel 4.0 Macros, DDE Exploits and many others.
Currently supported file types are Microsoft Office Files, PDFs, HTMLs, HTMs, LNKs, JSs, ISOs and archives. The detailed findings of the structural analysis are presented in an aggregated view in the GUI, can be downloaded as a JSON report and can also be collected via API.
Docguard’s main use case is to integrate with SEGs (Secure Email Gateways) and SOAR solutions.