Irma new release

May 5, 2020 | Quarks Flow

Paris, France – August 2019

Quarkslab, the leading information security R&D, consulting and software company in Europe, announced today the release of Irma Core v3.2, its automated content security analysis plat- form for malware detection and USB device management.

Irma Core, Quarkslab’s Security Orchestration and Automation platform for content security analysis, was born in 2015 as a collaborative initiative of 5 european organizations seeking to augment their malware detection capacity and to develop a common platform for efficient content security analysis at scale. Since its early origin as an Open Source Software project, Irma evolved to become a commercially supported content analysis platform suitable for deployment on-premises in IT environments of Banking and Finance, Government, Aerospace, Telecom- munications, Manufacturing and Healthcare organizations, where file content confidentiality and strict security controls for files entering high-security networks are an important concern.

The Irma Core set of features includes:

  • A scalable file security analysis platform with up to 25 analysis engines.
  • Full source code access to the entire platform.* * Not applicable to source code of analysis engines from third party vendors.
  • Deployment on-premises using popular DevOps-friendly tools.
  • File content analysis on isolated and air-gapped networks.
  • Simple yet powerful Web UI to support manual analysis by members of SecOps, SOC and CERT teams.
  • Support for development and deployment of ad-hoc analysis engines by technology partners and customer security teams.
  • A REST API for automated, programmatic submission and processing of files, enabling easy integration with third party tools and threat intelligence feeds.
  • An asynchronous library in Python that developers can use to interact with the Irma API.
  • Built-in support for ingress/egress analysis of files in USB storage devices using Irma Kiosk, Quarkslab’s self-service touchscreen terminals. «The release of Irma v3.2 is a significant milestone for Quarkslabs. It constitutes tangible indication that our software can meet strict requirements of top level organizations in France. It is encouraging to see organizations increasingly interested in scaling up their threat hunting and malware detection capabilities using automation and orchestration platforms such as Irma» said Iván Arce, CTO of Quarkslab.

What’s new in Irma v3.2

  • Standalone user authentication and authorization.
  • Dashboards for monitoring application and system-level metrics.
  • Encrypted storage of samples.
  • System hardening according to guidelines of the Agence nationale de la sécurité des systèmes d’information (ANSSI).
  • Initial support for dynamic analysis using Cuckoo Sandbox.
  • Initial support for dynamic analysis using Cyberdetect’s Gorille.
  • Full Core and Analysis Probe updates for air-gapped networks using Irma Factory. For more information visit https:/ or contact us at or @quarkslab on Twitter.

About Quarkslab Quarkslab is a French company specializing in information security R&D, consulting and software development. Our expertise is in combining offensive and defensive security to help orga- nizations adopt a new security posture: Force the attackers, not the defender, to adapt constantly. Through our consulting services as well as our software we provide tailored solutions to organizations, helping them to protect their assets, sensitive data, and users against increasingly sophisticated attacks.