Threat Analysis System

Stops Zero-Day Threats

Thwarts unknown advanced threats using a multi-stage detection engine

Broad protocol support

Threat visualization statistics based on the attack chain

Enterprises are constantly assaulted by malware, ransomware, botnets and other forms of attack that can easily circumvent traditional firewalls and legacy Intrusion Prevention Systems. Most modern attacks are content-based, making even the most sophisticated detection mechanisms inadequate at finding the bad hiding among the good.


The NSFOCUS Threat Analysis System (TAS) provides advanced multi-stage AI analysis for detection and mitigation of tomorrow’s and beyond unknown and zero-day advanced persistent threats (APTs).

Threat Analysis Engine

Stops content-based and zero-day attacks cold. By employing IP reputation with threat intelligence, anti-virus with millions of entries, a static analysis engine and an execution sandbox, enterprises are protected against a wide variety of modern threats.


Key Features

The Threat Analysis Engine provides a rich set of active protection technologies including:


  • File processing which rebuilds and parses file content detected over HTTP, FTP, SMTP, POP3 and IMAP protocols.
  • Dynamic Detection by virtual execution allowing for dynamic behavior detection independent of static signature-based techniques, providing accurate detection of 0-day attacks and previously unknown malware.
  • Threat Visualization Provides multiple views for threat information: locations, users, and assets
  • Virus Detection against rebuilt files to protect against known malware.
  • Static Detection of shellcode.
  • Full Integration with Threat Intelligence allowing the reputation of the data source to be evaluated for potential risk, command & control behavior, or previous malware relationships.
  • Tight Integration with the NSFOCUS Next Generation Intrusion Prevention System (NIPS) so that detected attacks can be mitigated.
  • Extensive Reporting and Logging allows for easy understanding of your threat situation including the latest threat events, 24-hour threat trends and daily, weekly, monthly or annual reporting options.