ReversingLabs Enrichment APIs For Sentinel
ReversingLabs
ANY FILE. ANY LOCATION. ANY THREAT.
Security practitioners must be able to analyze files, binaries, and objects for malware to prevent threats to the organization. Much of the malware is designed to evade detection and is constantly updated by bad actors. Security teams are also challenged to provide this analysis at volume and speed to keep up with this ever-changing threat. ReversingLabs, the leader in malware file analysis, has previously provided an API only to the top-tier security organizations and researchers. ReversingLabs is now making this API available to Microsoft Sentinel users to enhance their malware detection. Using this advanced API, security teams can now analyze files, binaries, and objects to confidently detect the latest malware at speed and volume.
OVERVIEW
This offer enables access to the ReversingLabs TitaniumCloud File Reputation and File Hash Analysis APIs. The File Reputation API provides a simple classification for a submitted file hash. The File Hash Analysis API summarizes the results of static analysis, dynamic analysis, and AV scan information. With the ReversingLabs solution for Microsoft Sentinel, SOC teams can understand if a file is goodware or malware in seconds, reducing incident triage and response time.
Features
Classifies a file hash as good, bad or suspicious
Provides expanded summary analysis including analysis story, file type, threat level (1 to 5), and embedded file details
Enables these features within Sentinel Automation Playbook
An organization is dealing with a lot of phishing alerts with suspicious attachments. The ReversingLabs API would enable the SOC manager to process these alerts faster with higher confidence to reduce workload and response time.
ABOUT REVERSINGLABS
ReversingLabs empowers modern software development and security operations center teams to protect their software releases and organizations from sophisticated software supply chain security attacks, malware, ransomware, and other threats.
The ReversingLabs Titanium Platform analyzes any file, binary, or object that can evade traditional security solutions. It’s a hybrid-cloud privacy-centric platform that unifies Dev and SOC teams with transparent and human-readable threat analysis, arming developers, DevSecOps, SOC analysts, and threat hunters to respond to software tampering and security incidents confidently.
ReversingLabs data is used by more than sixty-five of the world’s most advanced security vendors and their tens of thousands of security professionals. ReversingLabs enterprise customers span all industries, leveraging integrations with popular DevSecOps and SOC platforms that enable teams to access the analysis they need to make quick security verdicts, eliminate threats, and release software with confidence.