Skip to main content
Go beyond Deep Content, Packet or Session Inspection with
Deep File Inspection (DFI)
Going to this depth results in an average of 4x the inspectable content
Ingest data in-motion, at-rest, and in-use
Discover, score, and export IOCs for continuous protection
Leverage the power of hindsight through retrospective analysis
Operationalize your Threat Intelligence at Scale
Mitigate ransomware
Prevent Phishing
 
Latest Flash Alert
Latest Blog
Beyond the capability of identifying, extracting, and exposing malicious content from hundreds of file types. InQuest Deep File Inspection (DFI) utilizes machine vision and optical character recognition (OCR) to identify the social engineering component of a variety of malware lures. This is one of the myriads of techniques that we employ to detect novel malware that may leverage previous unseen pivots.
Latest Event
Gartner Security & Risk Management Summit 2020 is the one place you can hear independent experts on what matters most now and how to prepare for what’s ahead. You’ll learn how to create the security and IT risk management plans you need to give your organization the freedom to grow and innovate with confidence.
White Papers

Data Loss Discovery Driven by Deep File Inspection (DFI™)

The purpose of this whitepaper is to describe the capabilities provided by the InQuest platform related to identifying the exposure of sensitive information. With the recent explosion of data breach reports in the news, preventing the loss of sensitive data has become an area of focus for many organizations.

Machine Learning

Article Series on Machine Learning and AI

Through the construction of statistical models based off of past observations on the commonalities and differences that malicious and benign files tend to share with one another, a properly tuned machine learning algorithm makes a great partner for a signature author, providing insights that a human expert might not have thought of.

Here's what our customers are saying

Prior to having InQuest, file decompression, decoding and post-processing were all manual steps that were very time consuming for us. Now that we're using InQuest, all of those steps are automated and it has given us the ability to apply these steps to not only files we think are suspicious, but all files received by our users.

Malware Analyst, US Intelligence Community

Having the ability to search historically based on file content is like having our own internal VirusTotal Retrohunt.

Intrusion Analyst, US Department of Defense

The threat score calculation and assignment being performed by InQuest's engine makes it easy for us to sift through the legitimate sessions and focus on the real threats targeting our users.

Intrusion Analyst, US Department of Defense

InQuest provides a complete network forensics picture, from session details such as header information to file details such as the hash, size, type and even the raw file.

Incident Handler, US Intelligence Community

The data loss prevention coverage InQuest provides for data-in-transit is second to none.

Intrusion Analyst, US Department of Defense

The InQuest platform is unlike any other network-based security system we've seen. The performance of their native capture engine and analytic capabilities are unparalleled in terms of the throughput it can support and the number of files it can dissect and analyze.

Security Engineer, US Department of Defense

The third-party integrations with multiav and sandbox solutions are seamless. We have never had a security platform that made it so easy to automate all of our static and dynamic file analysis efforts.

Security Engineer, US Department of Defense

Over half of our customer’s traffic is encrypted and InQuest is the first security platform we’ve seen with a specific focus on using SSL related indicators of compromise to detect the bad guy’s infrastructure.

Intrusion Analyst, Managed Security Service Provider

The threat intelligence InQuest is able to gather and disseminate via their reputation and threat feeds has alerted us to numerous customer compromises. They are truly at the cutting edge when it comes to identifying threat actor infrastructure as it is deployed.

Intrusion Analyst, US Intelligence Community

It’s pretty amazing that they are able to support capturing, reassembling, processing, storing and inspecting content at speeds over 20Gb without dropping traffic all in a 1U box.

Security Engineer, Department of Defense

We’ve been customers for several years now and up until the recent acquisition of their appliances we were running their collectors on 4U boxes with flash storage cards. As a result of that acquisition, we went from having to deal with three different vendors to one vendor, reduced our rackspace footprint as well as our power consumption which all resulted in a huge cost savings for us. Kudos to InQuest!

Director of Information Security, E-Commerce Company

Through their data orchestration and workflow, they’ve made it really easy for us to establish repeatable workflows from within their UI. That has saved our SOC analysts a considerable amount of time and has enabled them to pivot through data from numerous systems all from a single pane of glass.

SOC Operations Lead, Department of Defense
 

Introducing the InQuest Malware Discovery Engine (MDE)! A new default-on static analysis integration designed to identify malicious logic embedded in the most commonly used file types. Alerts from this subsystem are automatically factored into the InQuest Threat Score Engine to produce our File and Session Threat Scores.

MDE leverages the AV community to identify garden-variety malware quickly, so InQuest can focus on those hard to detect threats targeting your Enterprise.

Get the InQuest Insider

Subscribe here to receive our monthly newsletter, the InQuest Insider. It will provide you with the top stories, news about new innovative malware, threat research / threat hunting, tools and security tips from the last month.