ThreatExpert, Generate Software Behavior Reports - gHacks Tech News

ThreatExpert, Generate Software Behavior Reports

There is always risk involved when you execute software on your local system. You can reduce that risk by updating your operating system regularly, running up to date security software or executing suspicious files in a sandboxed or virtual environment.

When you review as much software as I do, you are grateful for every additional tool that you can utilize to make sure a software can be recommended on your site. Nothing's worse for your site's reputation than recommending a program that turns out to be malicious in nature. This fortunately has never happened on Ghacks yet.

Threat Expert is one of those services that helps you analyze files. You can use an online form to submit files directly on the website, or download an applet for your Windows operating system to send files directly from your desktop to the service's server.

threat expert

You need to add an email address if you use the local application to send a file to Threat Expert, as it may take some time to scan the file. The email contains the link to the report on the website. Scans during tests did not take longer than five minutes to complete. The online submission did not work at all during tests, only the submission applet worked as advertised.

The report displays many useful information, including technical details about files that were created on a system (if the file is an installer), directories that were created, Registry modifications and attempts to connect toremote hosts. Take a look at this sample report for pointers.

threat report

A click on a particular file name listed in a report displays additional information about the file. You see the number of cases where the file was analyzed in reports, and the number of incidents when this file was found to be a threat.

threat expert analysis

You can browse and search all previously generated reports on the site, which may be helpful if you want to quickly look up a file name.

Probably the biggest limitation of the service is the file size limitation. You cannot upload files larger than 5 Megabytes which means that some files cannot be scanned at all.

The ability to display local and remote activities is on the other hand the most valuable feature of the service.

Threat Expert is a handy service that works well in combination with other online scanning services such as Virus Total or No Virus Thanks.

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

    Leave a Reply

    Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

    Please note that your comment may not appear immediately after you post it.