(formerly known as Irma)

Security Analysis Automation

Quarks Flow (formerly known as Irma) is an automatic file analysis solution to identify malicious files and improve the threat detection rate.

An answer to the ever-evolving malware threat

 

Over the years, the malware threat greatly evolved. First amateur attempts, it then became a set of tools used by organized threat actors to accomplish their malevolent actions. Techniques used to disguise malware evolved as well: polymorphism, obfuscation… In reaction to these advancements, security tools, techniques and analysis methods were invented to counter these new threats.

Today, the main challenge for SOC operators and incident response teams is to keep up with both the advancements in threats and analysis techniques.

Quarks Flow was created with the objective to be the ideal security toolbox for practitioners. The solution focuses on orchestration and automation of analysis methods in order to rapidly identify malware.

Quarks Flow Features

Main Feature

Threat Detection

Increase your detection rate of known and unknown threats by combining multiple engines and analysis methods.

Available Detection Methods

Static Analysis

Dynamic Analysis

Signature-based analysis

Compare a file against known Yara rules, quickly identify a file type

 

Supplement static analysis and learn about malware behaviours with sandboxes

 

Leverage a combination of antivirus engines to multiply the detection rate and lower the rate of false positives

Other features

Sanitization

REST API

Airgap Deployment

Disarming of harmful documents embedding malicious payloads: Office files, PDF… and retrieve a reconstructed file

The Quarks Flow API allows developers and practitioners to leverage the analysis methods, and integrate it into other tooling

Easy update mechanism even for airgapped networks

Why choose Quarks Flow?

On Premise

Designed for on-premise deployment within your infrastructure, also with airgapped capabilities.

Interoperability

Connection with numerous tools and integration within operational process via API.

Extensible

Choose your engines according to your needs from a selection of probes (third-party, Quarkslab or your own probes).

Confidentiality

Keep your files protected in a disconnected environment to ensure privacy.

Ready to protect your most sensitive assets?

Reach out to our sales team for a product demonstration.

Related Resources

Automation of Security Analysis Workloads: Why and How?

Automation of Security Analysis Workloads: Why and How?

Over the past decades the information security landscape has changed significantly but one thing has remained constant: a continuous increase in the number of different threats that a security team has to deal with per unit of time.   Ever since the term...

read more
Infographic – Security Automation

Infographic – Security Automation

Discover in the infographics below why automation is essential in any security team. Find more information, in our complete whitepaper  See the infographics: https://bit.ly/3qfpCt7 Infographie_Security Automation_quarkslab

read more
Webinar – Demo Day

Webinar – Demo Day

Looking to expand your Incident Response offering? Quarks Flow (formerly known as Irma) is an automatic file analysis solution whose mission is to speed up the identification of malicious files and improve the detection rate of malware/threats by...

read more