Dynamic analysis

Dynamic analysis is a security analysis method that

  • automatically submits files for behavioral analysis using Secure Malware Analytics (formerly Threat Grid), Cisco's file analysis and threat intelligence platform,

  • runs files in a sandbox environment to analyze behavior and determine maliciousness, and

  • returns a threat score indicating the likelihood that a file contains malware.

Dynamic analysis process and capabilities

You can configure your file policy to automatically submit files for dynamic analysis using Secure Malware Analytics (formerly Threat Grid), Cisco's file analysis and threat intelligence platform.

Devices submit eligible files to Secure Malware Analytics (either the public cloud or an on-premises appliance, whichever you have specified) regardless of whether the device stores the file.

Secure Malware Analytics runs the file in a sandbox environment, analyzes the file's behavior to determine whether the file is malicious, and returns a threat score that indicates the likelihood that a file contains malware. From the threat score, you can view a dynamic analysis summary report with the reasons for the assigned threat score. You can also look in Secure Malware Analytics to view detailed reports for files that your organization submitted, as well as scrubbed reports with limited data for files that your organization did not submit.

For more information about Cisco Secure Malware Analytics, refer to https://www.cisco.com/c/en/us/products/security/threat-grid/index.html

To configure your system to perform dynamic analysis, see the topics under Dynamic analysis connections.