Malicious Code Analysis Platform (MCAP)
Powerful, web-based sandbox environment for analyzing suspicious files and URLs.
Speak with the CIS team to learn how to get started with MCAP.
Get Started
The Malicious Code Analysis Platform (MCAP) is available exclusively to U.S. State, Local, Tribal, and Territorial (SLTT) member organizations of the Multi-State Information Sharing and Analysis Center® (MS-ISAC®).
Apply now to become a memberIt enables MS-ISAC members to upload suspicious files and URLs for analysis against Cisco's Secure Malware Analytics sandbox through an easy-to-use front-end portal.
How MCAP Helps You...
Access to Potential Malware Insights
MCAP grants access to a web-based sandbox environment for analyzing suspicious files and URLs. MS-ISAC members can submit URLs along with executables, DLLs, documents, and other file types for automated and controlled analysis to identify potential malware and understand their behavior.
Data Privacy and Control of MCAP Submissions
The MS-ISAC Cyber Threat Intelligence (CTI) team anonymously feeds MCAP URL and file submissions to threat intelligence platforms to provide MS-ISAC members with actionable threat intelligence. MS-ISAC members do have the ability to delete their MCAP submissions, which are securely stored within the platform, and the submissions can be securely downloaded as a zip file for additional analysis.
Actionable Malware Insights that Are Easy to Understand
MCAP uses Cisco's Secure Malware Analytics sandbox, a pool of advanced virtual machines, to analyze potential malware in conjunction with a set of data collection tools. After the analysis is complete, it provides an easy-to-read report containing indicators and actions observed during execution, including dropped files, registry changes, persistence mechanisms, and callouts to specific IPs or DNS addresses. These insights support triage, threat identification, and network defense across MS-ISAC members' environments.
Access to Deeper Analysis from Subject Matter Experts
Subject matter experts from the MS-ISAC's Cyber Incident Response Team (CIRT) are available to provide further assistance, up to 5 hours of annual analyst support, including report comprehension and in-depth manual malware analysis. Additional blocks of MCAP Malware Analysis Assistance are available for purchase. Please contact [email protected] for more details.