Overview
TitaniumCloud Reputation Services are powerful threat intelligence solutions with up-to-date, threat classification and rich context on tens of billions of goodware and malware files. ReversingLabs does not depend on crowd-sourced collection, but instead curates the harvesting of files from software vendors and diverse malware sources. All files are processed using unique ReversingLabs File Decomposition Technology, combined with other dynamic and detection information, to provide industry reputation consensus. TitaniumCloud supports a powerful set of REST API query and feed functions that deliver targeted file and malware intelligence for threat identification, analysis, intelligence development, and hunting.
Global File Reputation
TitaniumCloud continually processes goodware and malware files providing early intelligence about attacks before they infiltrate customer infrastructures. This visibility to threats “in-the-wild” enables preparation for new attacks and quickly identifies the threat levels of new files as they arrive. TitaniumCloud enables more effective and efficient file analysis, development of better threat intelligence, and implementation of proactive threat hunting programs.
TitaniumCloud Database for Reputation Data
- Over 18+ billion unique file records of TitaniumCloud data with classification, continuously adding up to 16 million malware and goodware updates daily
- High-performance online query processing
Detailed File Reputation Information
- Every sample processed using file decomposition to extract all objects and uncover threat indicators
- Over 4000 file formats identified
- Over 400 file formats unpacked and analyzed including archives, installers, packers & compressors
- Historic detection information from more than 40 antivirus scanners for industry consensus showing changes over time
- Malware samples are continually reanalyzed by our TitaniumCore Engine for the most up-to-date file reputation status
Queries via REST Web Services APIs
- Powerful query and feed functions
- REST API for automated analysis process integration
- File reputation information via single and bulk hash queries
- Functional similarity hash queries for identifying new and polymorphic threats
- Advanced search and hunting by file context and threat indicators
- Alerting on threat level changes for subscribed files
- File uploads/downloads
Targeted Reputation Feeds
- Extensive Feeds for specific threats, e.g. file types, threat types, industry, CVE, URI
Delivery Options
- Online: Cloud-based service with web GUI
- On-Premises: T1000 File Reputation Appliance