New

Hatching Triage

Our new, flagship sandbox.

 

What is Triage?

A new malware sandbox, developed with scaling in mind from the start.

Triage is Hatching’s new and revolutionary malware sandboxing solution. It leverages a unique architecture, developed with scaling in mind from the start. Triage can scale up to 500.000 analyses per day, an unprecedented number for a sandboxing service.

Who do we serve?

Enhance your security solutions or speed up your malware analysis.

Triage is used by a wide variety of companies, ranging from large enterprises to niche security specialists. However, they all share a dedication to keeping their organizations or end-customers safe.

See who benefits

Security
Service Providers

Companies like Managed Security Service Providers (MSSP) and Security Operations, Analytics & Reporting companies (SOAR)

In-house
Security Teams

Companies like Security Operations Centers (SOC) and Computer Emergency Response Teams (CERT)

Benefits

A new sandbox, with years of experience built-in.

Starting from scratch isn't the same as starting from zero. Triage leverages Hatching's years of experience in developing sandboxing solutions such as Cuckoo Sandbox. With a completely new architecture, no legacy, and a clear vision in mind from the start, Triage offers users a modern, fast, and scalable sandbox with a comprehensive API.

Scaling

Designed as a distributed solution.

Triage was developed with scaling in mind from the start, so increasing your analysis capacity is just a matter of adding more hardware.

For all popular platforms

Malware is platform-agnostic, so are we.

Triage supports automated malware analysis for Windows 7 and 10, Linux, Android and macOS.

Live interaction

Take direct control of your analysis VM.

With the Triage monitor, you can watch the detonation of your files in realtime, and you can take direct control of the VM if required.

The user interface

A minimalistic design focused on highlighting only the relevant information.

Sandboxing samples produces a wealth of information, but not all data is relevant. That's why Triage's interface focuses on presenting only information pertinent to the user. And in case you do need access to all the data, or if you want to automate your workflow, there is a comprehensive REST API too.

Submit

Triage supports over 100 file types and archives.

Just drag & drop your file or archive, and Triage will start unpacking and running static analysis components straight away. Based on this, the best environment for dynamic analysis is selected automatically.

Submit samples
Sample monitor

Interact

Watch and interact with the analysis in realtime.

The Triage VMs spin up instantly, and the analysis unfolds itself right in front of your eyes. The interactive live view lets you keep a close eye on the analysis and allows you to take control of the VM at any time.

Report

Get a clear view of the critical analysis results.

The report focuses on presenting the most relevant information to the user at once, like the malware configuration that Triage extracts for a continuously growing number of malware families.

Analysis report
Profile management

Profiles

Preconfigure your desired analysis settings.

With profiles, you can easily save a preset of your desired analysis configuration. Control basic settings like timeout and internet configuration, or select a specific (custom) VM for your profile.

Pricing details

Pricing

Triage uses a simple, volume-based license model.

Our packages start at 500 analyses per day and quickly scale up towards 50,000 analyses per day so that our customers never have to worry about hitting quotas or not being able to perform their day-to-day work.

Furthermore, for fully automated enterprise workflows, our solution scales easily towards performing hundreds of thousands of file and URL analyses per day.

Contact us for bespoke and competitive pricing.

Try it out now!

Create a free public cloud account or get a private demo.

Get in touch to request your Triage private cloud demo environment, and test all of Triage's capabilities. As a service to the security community, individual users and researchers can use Triage public cloud for free.