File Reputation Service

File Reputation Service

Threat Intelligence Cloud - Industry’s Most Comprehensive Source for Reputation Data

Key Features


Increase detection, analysis and response efficiency by identifying files from queries to an authoritative global goodware and malware database


Prepare for emerging threats by monitoring malware “in-the-wild” using threat specific feeds including Ransomware, APT, CVE, financial and retail


Support air-gapped, private environments with the industry’s only on-premises file reputation appliance


Maintain customer privacy with a secure query and file submission service

Request a demo


ReversingLabs’ TitaniumCloud Reputation Services are powerful threat intelligence solutions with up-to-date, threat classification and rich context on over 8 billion goodware and malware files. ReversingLabs does not depend on crowd-sourced collection but instead curates the harvesting of files from software vendors and diverse malware sources. All files are processed using unique ReversingLabs File Decomposition Technology, combined with other dynamic and detection information to provide industry reputation consensus. TitaniumCloud supports a powerful set of REST API query and feed functions that deliver targeted file and malware intelligence for threat identification, analysis, intelligence development and hunting.

Global File Reputation

ReversingLabs TitaniumCloud continually processes goodware and malware files providing early intelligence about attacks before they infiltrate customer infrastructures. This visibility to threats “in-the-wild” enables preparation for new attacks and quickly identifies the threat levels of new files as they arrive. TitaniumCloud enables more effective and efficient file analysis, development of better threat intelligence and implementation of proactive threat hunting programs.

TiCloud product graph 1


Do your responders routinely upload files to VirusTotal™?

Learn why TitaniumCloud is a superior and more secure solution.

Download comparison sheet

TitaniumCloud APIs and Feeds

ReversingLabs TitaniumCloud provides over 50 search, query and feed APIs that automate processing, analysis and threat status information gathering.

Screen Shot 2019-01-18 at 10.14.28 AM


TitaniumCloud Database for Reputation Data

  • Over 8 billion unique file records of TitaniumCloud data with classification, continuously adding up to 8 million malware and goodware updates daily
  • High-performance online query processing

Detailed File Reputation Information

  • Every sample processed using file decomposition to extract all objects and uncover threat indicators
  • 3600 file formats identified
  • Over 360 file formats unpacked and analyzed including archives, installers, packers & compressors
  • Historic detection information from more than 40 AV scanners for industry consensus showing changes over time
  • Malware samples are continually reanalyzed by our TitaniumCore Engine for the most up-to-date file reputation status

Queries via REST Web Services APIs

  • Powerful query and feed functions
  • REST API for automated analysis process integration
  • File reputation information via single and bulk hash queries
  • Functional similarity hash queries for identifying new and polymorphic threats
  • Advanced search and hunting by file context and threat indicators
  • Alerting on threat level changes for subscribed files
  • File uploads/downloads

Targeted Reputation Feeds

  • Extensive Feeds for specific threats, e.g. file types, threat types, industry, CVE, URI

Delivery Options

  • Online: Cloud-based service with web GUI
  • On-Premises: T1000 File Reputation Appliance
Service Packaging

REST Web Services Over the Internet

Customer applications access TitaniumCloud using a REST Web Services API over the Internet. Results are returned in JSON or XML format.

On-Premises T1000 File Reputation Appliance

The T1000 File Reputation Appliance provides a high performance, low latency solution for high volume, automated applications, enabling total privacy. The appliance maintains a local copy of the TitaniumCloud database on a customer's premises that is updated in real-time over the Internet or can be ‘manually’ updated in air-gapped networks.

File Intelligence Information: APIs and Feeds

TitaniumCloud provides a comprehensive list of APIs and Feeds that automate processing, analysis and threat status information gathering on single or bulk samples. For a full list of APIs and details contact us. Some examples follow:

File Reputation APIs:

  • File reputation details (Whitelist and Blacklist)
  • File reputation change on tracked samples
  • Return all malware family members
  • Return functionally similar files (RHA)

Threat Feeds:

  • Exploits with CVE 
  • Linux, MacOS and Android malware
  • IP/Domains present in malware
  • APT threats
  • Malware Targeting Financial Services, Retail, Healthcare, Oil & Gas, etc.
Product Docs