[FACIL] Canada's 'super secret spy agency' (CSE) releases malware-fighting tool as open source

[Gabriel Cossette]

Assemblyline is a platform for the analysis of malicious files. It is 
designed to assist cyber defence teams to automate the analysis of files 
and to better use the time of security analysts. The tool recognizes 
when a large volume of files is received within the system, and can 
automatically rebalance its workload. Users can add their own analytics, 
such as antivirus products or custom-built software, in to Assemblyline. 
The tool is designed to be customized by the user and provides a robust 
interface for security analysts.

Assemblyline works very much like a conveyor belt. Files arrive in the 
system and are triaged in a certain sequence.

* Assemblyline generates information about each file and assigns a 
unique identifier that travels with the file as it flows through the system.
* Users can add their own analytics, which we refer to as services, to 
Assemblyline. The services selected by the user in Assemblyline then 
analyze the files, looking for an indication of maliciousness and/or 
extracting features for further analysis.
* The system can generate alerts about a malicious file at any point 
during the analysis and assigns the file a score.
* The system can also trigger automated defensive systems to kick in. 
Malicious indicators generated by the system can be distributed to other 
defence systems.
* Assemblyline recognizes when a file has been previously analysed.

Article: 
http://www.cbc.ca/news/technology/cse-canada-cyber-spy-malware-assemblyline-open-source-1.4361728

Homepage: https://www.cse-cst.gc.ca/en/assemblyline
Source Code: https://bitbucket.org/cse-assemblyline/

-- 
Gabriel Cossette

Conseiller technique, Architecture d’entreprise
Services partagés Canada / Gouvernement du Canada
gabriel.cossette at canada.ca / Tél. : 418-254-8558

Technical Advisor, Enterprise Architecture
Shared Services Canada / Government of Canada
gabriel.cossette at canada.ca / Tel: 418-254-8558