TitaniumCloud™ Web Services
Overview
TitaniumCloud™ (TiCloud™) web service provides the industry’s most comprehensive source for threat intelligence and reputation data on unknown files. TiCloud identifies files and provides rich information about their contents. Every sample is processed using the ReversingLabs TitaniumCore™ Automated Static Decomposition engine to extract all contained objects and their internal information. The samples are recursively unpacked, decompressed, decrypted, repaired and de-obfuscated. The information extracted from the resulting components includes format, format validation, strings, sections and certificate chains. Malware samples are also scanned twice daily with 27 anti-virus products and the history is stored in the TiCloud database.
Powerful query functions are accessed through a high performance REST Interface or a GUI. TiCloud uses a proprietary NoSQL database optimized to support advanced search across billions of file records in milliseconds.
Features
Threat intelligence and reputation data on files
- XREF - 110M+ malware samples
- 100k+ new malicious samples daily - GREF - 1 billion+ known good samples
Anti-virus scan data
- Malware repository scanned twice daily with 27 vendors' anti-virus products
Query services
- Search for files by hash or anti-virus detection name
- Bulk queries support searches for multiple files
- Results include reputation, antivirus detection history and detailed metadata
Performance scales to meet stringent requirements
- 7 billion queries per day capacity
- Optional appliance provides a high performance, on-premises database instance for dedicated low latency support
File Metadata
Anti-virus scan data
- Malware repository scanned twice daily with 27 vendors’ anti-virus products
Static analysis data from unpacked samples
- File validation and repair data
- Format and file information
- Embedded domains, IP Addresses, IRC handles, spam dictionaries and URLs
- Full certificate data chain - Authenticode, Java Certificates. Mozilla Certs Apple/Android/Symbian
- PE/ELF/Mach-O/DEX/SWF/PDF imports, exports, and resources
- Section names, sizes and hashes
- Relative and full install paths
- Registry entries, file type, architecture, language, icons, compile dates
- Required scripting engines or operating systems Embedded strings for packed and unpacked files
Service Packaging
Web Application
TitaniumOnline™ (beta) allows users to search TiCloud for file information using a web user interface. Results are downloadable as JSON or XML files.
Web Services
Customer applications access TiCloud using a REST interface over the Internet.
Appliance
The TiCloud Appliance provides high performance, low latency solution for high volume, automated applications. The appliance maintains a local copy of the TiCloud database on a customer's premises, which is updated in real-time over the Internet.
Media
iCloud data is supplied monthly on disk in XML format for import into the customer’s DBMS.
Data Sets
GREF
Access to information on over 1+ billion known non-malicious files
XREF
Access to information on 110+ million known malicious files
