Image by wocintechchat, from Unsplash
CISA Launches Thorium, A Free Automated Malware Analysis Platform
Reading time: 2 min
Last Updated: Aug 2, 2025
-
![Kiara Fabbri]()
-
![Sarah Frazier]()
Fact-Checked by Sarah Frazier Content Manager
The Cybersecurity and Infrastructure Security Agency (CISA), together with Sandia National Laboratories, introduced Thorium as a free, powerful malware analysis tool to boost cybersecurity.
In a rush? Here are the quick facts:
- Thorium can analyze over 10 million files per hour with scalable automation.
- Thorium helps teams detect threats faster by integrating multiple malware tools.
- The platform is free and designed for use across federal and private sectors.
Announced on Thursday, Thorium is a scalable, automated platform designed to help cyber defenders quickly examine malware threats and run forensic analyses. It combines commercial, open-source, and custom tools into a single, easy-to-use system that speeds up threat detection and response.
“We’re constantly developing new tools, or acquiring new tools to do this kind of thing, and one of the problems we face is organizing and applying these tools in an effective fashion,” said Mike Compton, deputy section chief of code & media analysis at CISA, as reported by The Record.
“Sandia has helped us identify that and took a crack at helping us develop a solution to make that job easier,” he added.
Thorium automates routine tasks like file gathering, code analysis, and result indexing, which reduces their workload. The system integrates seamlessly into current cybersecurity operations, requiring only basic setup, and has the ability to process millions of files each hour via scalable cloud infrastructure.
“Thorium is not a silver bullet. It’s not going to solve all your problems […] but it is a step forward in establishing a platform that the entire community can use and we can all contribute to,” Compton added, as reported by The Record.
Michael Carson, a cybersecurity engineer at Sandia who led the project, said to The Record that the tool reduces both the time and cost of malware analysis. He adds that this is particularly helpful for organizations that lack in-house cyber defense teams.
According to CISA Associate Director Jermaine Roebuck, the goal was to “empower the broader cybersecurity community to orchestrate the use of advanced tools for malware and forensic analysis.”
The free Thorium platform enables teams to automate essential cyber defense operations while improving their collaborative capabilities between organizations.
Latest articles 
