ThreatExpert is an advanced automated threat analysis system designed to analyze and report the behavior of computer viruses, worms, trojans, adware, spyware, and other security-related risks in a fully automated mode.

In only a few minutes ThreatExpert can process a sample and generate a highly detailed threat report with the level of technical detail that matches or exceeds antivirus industry standards such as those normally found in online virus encyclopedias.

ThreatExpert takes a threat file, places it in a self-contained simulated virtual environment, deliberately executes the threat in this environment and then monitors its behavior. A combination of file, Windows Registry and memory snapshots are recorded, in addition to a series of specific ‘hooks’ that intercept communication routes typically exploited by threat infections. These hooks ‘deceive’ the threat into communicating across a simulated network, whereas the threat’s communication actions are actually being recorded in detail by ThreatExpert. Using this invaluable recorded data, a detailed report is generated, consisting of file and Windows Registry changes, memory dump analyses, and other important system activities caused by the threat.