Our malware sandboxes allow potential malware to run in a secure environment while its behavior is observed. This enables previously unknown threats to be detected. G DATA sandboxes can be integrated via a simple API with just a few lines of code, enabling you to automatically perform a security scan of email attachments, user uploads, and so on using state-of-the-art detection technologies.
The Cloud API gives you access to our comprehensive malware databases, continuously updated by our analysis systems. You can use the Cloud API to look up the latest threats in real time by querying SHA-256 hash sums or URLs. Our Cloud API enables you to identify malicious files or URLs even faster.
Our reputation service makes it very easy to use an API to query how trustworthy a file is. You can control the level of detail of the response. The service can be easily integrated into existing infrastructure and products and enables files to be checked before they are processed further.
At G DATA, we closely monitor current cyberthreats, such as malware campaigns, and link their behavior and derived indicators of compromise in our Threat Intelligence Platform. You can use it to search a graph that correlates current and past threats, either via an API or interactively through a web UI. The data includes static analysis results, dynamic behavior, and network behavior, forming the most complete picture of a piece of malware.
Our URL sandboxes allow you to investigate suspicious websites through actual browser interaction. They track redirects, take screenshots, and record and provide meta-information such as executed scripts, certificates, or reloaded resources and network traffic. This data provides the basis for your further automated or manual analysis.
Use our File History API for deeper analyses in order to find out when and how often requested files are executed. In particular, the timestamps of the first and last execution are good indicators for blocking suspicious files completely before further analysis.
Similarity hashes make it possible to efficiently determine whether a given unknown file is similar to already known malware files. At G DATA, we examine various feature groups of executable files that make it possible to identify malware; in our case, these are both static and behavioral features extracted in our backend. This interface enables you to retrieve similarity hashes from our internal databases.
With our Engine Stability Test Array, you can test any combination of engine and signatures on different Windows and Linux distributions with different patch levels for stability and detection performance. Depending on the configured test parameters, you will then receive a prepared report on incorrectly detected system and reference files or missed detections on a defined malware set. The system also informs you about timeouts, unexpected detection names, or other problems and saves you the trouble of operating a varied server landscape for acceptance tests.
The Problem: You do not have your own analysis systems for potential malware.
The Solution: We offer an automatic security scan via an API to protect your business from malware through user uploads, email attachments, and so on. You can integrate it using a few lines of code, which allows potential malware to run in a secure environment.
The Problem: You need assistance in evaluating potential hazards.
The Solution: The classification and evaluation of files is one of our core competencies. We offer our insights in various services – easily via an API or web UI. This allows you to identify simple relationships of malware and subsequently perform further analyses.
Recommendation: Analysis-as-a-service, Threat Intelligence Platform, File History API