Over 400 file formats processed and 4800 file types identified from diverse platforms, applications & malware families.
Any file. Any location. Any threat.
A machine learning hybrid cloud platform that harvests thousands of file types at scale, speeds threat detection through machine learning binary analysis, and continuously monitors a comprehensive index of goodware and malware files for future threats.
Real-time, deep inspection of files, scalable to 150+ million files per day without dynamic execution.
Tightly coupled connectors integrate industry leading email, EDR, SIEM, SOAR, and analytics platforms.
Unique Automated Static Analysis fully dissects internal contents of files in 5 ms without execution, obviating the need for dynamic analysis in most cases.
Over 400 file formats are unpacked to the underlying object structure (e.g. embedded executables, libraries, documents, resources, icons) with over 3000 metadata points & 12000 file indicators extracted from the unpacked files.
ReversingLabs Hashing Algorithm hashes a file’s features rather than its bits, enabling identification of functionally similar malware files even though each has a unique SHA-1 hash.
Apply over 15 analysis engines, including outcomes from machine learning (ML)-based binary analysis to derive distinct malware type classification verdicts.
Map human readable indicators to verifiable classifications, and deliver explainable threat intelligence directly to the analysts.
Align trusted intelligence to a security framework & common lexicon such as MITRE ATT&CK™.
Powerful threat intelligence solution with up-to-date threat classification and rich context on billions of goodware and malware files.
Continuously adding up to 8 million malware and goodware files daily, constantly curated for the most up-to-date file reputation status.
Extensive Feeds for specific threats, e.g. file types, threat types, industry, CVE, URI, all supported by REST APIs for automated analysis process integration.
SOC analysts use classification to prioritize threats, while threat intelligence and hunting teams use the platform as a primary workbench for deep file analysis, and to accelerate investigations and incident response.
Objects and files of interest that have entered the infrastructure over time can be retained, creating a historical repository for retro hunting and ongoing analysis to uncover attacker techniques and tactics.
Advanced search offers up to 500 unique search expressions, while an advanced rules engine enables building and deploying custom YARA rules to detect sophisticated threat patterns.
Spectra Assure analysis for end-to-end software development workflows, containers and release packages
The world’s most popular and authoritative database of goodware and malware threat intelligence
Assess millions of files from web traffic, email, file transfers, endpoints or storage
An instant malware lab with static and dynamic analysis for all of your company's files and binaries