Getting Started with Enclave

Enclave is an enterprise-grade malware analysis platform that you can deploy on your own infrastructure in minutes. It provides automated analysis of suspicious files and URLs, helping security teams identify and respond to threats quickly.

Quick Start

Deploy Enclave with a single command:

curl -sSL https://lattice.one/install.sh | bash

This will:

  1. Check system requirements
  2. Install dependencies
  3. Deploy Enclave containers
  4. Configure initial security settings
  5. Start the analysis engine

System Requirements

  • Linux-based OS (Ubuntu 20.04+ recommended)
  • 8GB RAM minimum (16GB recommended)
  • 100GB storage
  • Docker 20.10+
  • Internet connectivity for updates
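
A pre-flight check for the requirements listed above, as an added example (not part of Enclave or its installer) that can be run before the install command. The 7 GiB memory floor, the choice of filesystem to measure (default /) and all function names are assumptions; internet connectivity is not checked.

```shell
#!/bin/sh
# Added example: pre-flight check against the requirements listed on this page.
MIN_MEM_KB=$((7 * 1024 * 1024))     # assumption: an "8GB" host reports a bit under 8 GiB
MIN_DISK_KB=$((100 * 1024 * 1024))  # 100GB of free space, expressed in KiB
MIN_DOCKER="20.10"

# version_ge HAVE WANT: succeeds when HAVE >= WANT, comparing major.minor only.
version_ge() {
  case $1 in [0-9]*.[0-9]*) ;; *) return 1 ;; esac   # empty or malformed: fail
  h_major=${1%%.*}; h_rest=${1#*.}; h_minor=${h_rest%%[!0-9]*}
  w_major=${2%%.*}; w_rest=${2#*.}; w_minor=${w_rest%%[!0-9]*}
  [ "$h_major" -gt "$w_major" ] && return 0
  [ "$h_major" -eq "$w_major" ] && [ "$h_minor" -ge "$w_minor" ]
}

# Total RAM in kB, read from a meminfo-format file (default: /proc/meminfo).
mem_total_kb() { awk '/^MemTotal:/ {print $2}' "${1:-/proc/meminfo}"; }

# Free space in KiB on the filesystem that holds the given path.
free_disk_kb() { df -Pk "$1" | awk 'NR==2 {print $4}'; }

# Runs every check, prints each failure, returns non-zero if any check failed.
preflight() {
  dir=${1:-/}; fail=0
  [ "$(uname -s)" = "Linux" ] || { echo "FAIL: OS is not Linux"; fail=1; }
  mem=$(mem_total_kb 2>/dev/null)
  [ "${mem:-0}" -ge "$MIN_MEM_KB" ] ||
    { echo "FAIL: RAM ${mem:-0} kB, need $MIN_MEM_KB"; fail=1; }
  disk=$(free_disk_kb "$dir" 2>/dev/null)
  [ "${disk:-0}" -ge "$MIN_DISK_KB" ] ||
    { echo "FAIL: free space on $dir is ${disk:-0} KiB, need $MIN_DISK_KB"; fail=1; }
  docker_v=$(docker version --format '{{.Server.Version}}' 2>/dev/null)
  version_ge "$docker_v" "$MIN_DOCKER" ||
    { echo "FAIL: Docker '${docker_v:-not found}', need $MIN_DOCKER+"; fail=1; }
  [ "$fail" -eq 0 ] && echo "OK: host meets the listed requirements"
  return "$fail"
}

# Usage: sh preflight.sh --check [path-on-the-target-filesystem]
if [ "${1:-}" = "--check" ]; then preflight "${2:-/}"; fi
```

Pass the directory where Docker keeps its data as the second argument if it lives on a different filesystem than /.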

Core Features

Automated Analysis

  • File and URL analysis
  • YARA rule matching
  • Network behavior monitoring
  • Process analysis
  • Memory forensics

Sandbox Environment

  • Isolated analysis containers
  • Multiple OS support (Windows/Linux)
  • Network simulation
  • Anti-evasion techniques

Reporting

  • Detailed analysis reports
  • IOC extraction
  • MITRE ATT&CK mapping
  • Export in multiple formats

Architecture

Enclave runs as a set of containerized microservices:

  • Analysis Engine
  • Web Interface
  • Database
  • File Storage
  • Report Generator

Each component is isolated for security and scalability.

Next Steps