
Varist Unveils Hyperscale Malware Detection to Counter AI-Driven Cyber Threats

  • Feb 26

A cybersecurity startup is betting that the next phase of malware defense will require something closer to hyperscale cloud engineering than traditional antivirus logic.

Varist has introduced its Hybrid Detection Engine™, a malware detection platform designed to scan and simulate every file in motion at cloud scale. The company says the system was engineered to handle both known malware and zero-day threats instantly, addressing a growing wave of AI-generated attacks that can mutate faster than signature-based defenses can track.

The launch reflects a broader shift across the cybersecurity industry. As generative and agentic AI systems become embedded in offensive tooling, malware campaigns are growing more autonomous, polymorphic and difficult to classify using conventional sandboxing or signature matching.

Rethinking Malware Detection for the AI Era

Most enterprise detection systems rely on a layered model. Known threats are flagged using signatures or heuristics. Suspicious files are then routed to sandbox environments for deeper inspection. That approach has long been limited by cost and processing overhead, which makes it impractical to simulate every single file that passes through email, cloud storage or SaaS workflows.

Varist’s Hybrid Detection Engine attempts to remove that bottleneck.

According to the company, each detection instance can process roughly 500 files per second, scanning and simulating suspicious elements in real time. The system analyzes suspicious files in under nine milliseconds and maintains a false positive rate below 0.001 percent. The architecture is built on infrastructure that already supports more than 500 billion file scans per day for global customers through OEM partnerships.

“Traditional methods for detecting unknown malware assume no solution can scale to scan every file and that conventional sandboxing is too slow and too costly to execute against every potential threat,” says Varist founder Hallgrímur Th. Björnsson. “Agentic AI creates complex, self-evolving threats, so providers need a more scalable and cost-effective way to find known and zero-day threats, without bombarding response teams with false positives.”

The engine draws on a malware dataset exceeding three petabytes and uses behavioral simulation to assign risk scores. Instead of simply labeling files as malicious or benign, it evaluates how code behaves in a controlled environment and surfaces prioritized intelligence for security operations teams.

Why Hyperscale Matters

File-based workflows have become a prime vector for malware delivery. Email attachments, collaboration documents, API-driven integrations and cloud uploads all provide opportunities for malicious payloads to hide within legitimate traffic.

Traditional sandboxes struggle to keep pace with that volume. High simulation costs and latency force many providers to selectively analyze only the most suspicious samples. AI-generated malware complicates the equation further by altering code structure to evade static inspection.

Mike Fleck, a 20-year cybersecurity industry veteran, warns that AI-powered malware could overwhelm legacy systems if detection does not scale in parallel.

“The increased use of and potential for AI to create and execute malware campaigns could completely overwhelm conventional detection systems sooner rather than later,” Fleck says. “Security stacks will not only need to detect known threats at greater scale, but also detect novel threats in near real-time.”


Varist’s approach is to simulate components far faster than conventional sandboxes while keeping operational costs manageable. By embedding inspection directly into file transit workflows, the company claims organizations can analyze every file without disrupting business processes.

The system currently protects an estimated five billion mailboxes worldwide through OEM integrations, according to the company.

OEM First, Cloud Native, Privacy Focused

Rather than targeting end customers directly, Varist is positioning its technology as an OEM platform for hyperscalers, SASE providers and cybersecurity vendors. The company says its implementation model allows partners to integrate detection and analysis capabilities within hours.

Another design decision is architectural containment. The Hybrid Detection Engine operates entirely within a customer’s own infrastructure. Files do not leave the environment for analysis, which can simplify compliance with data sovereignty regulations and reduce exposure risks associated with external sandbox services.

That privacy-centric approach may appeal to regulated industries where sending sensitive documents to third-party analysis environments is often restricted.

The AI Arms Race in Malware Detection

The release of Varist’s engine underscores a larger transformation underway in cybersecurity. As AI models are increasingly used to generate phishing campaigns, automate exploit development and create adaptive malware, detection platforms are being forced to adopt AI-scale architectures of their own.

In practical terms, that means inspecting more data, faster, with fewer false positives and lower marginal costs.

The central question is not whether AI will be used in cyber attacks. It already is. The question is whether defensive systems can scale fast enough to analyze every file, in real time, without overwhelming human analysts.

Varist’s answer is that they must.
