Threat Intelligence

Avira’s Threat Intelligence Feeds are unique because they provide comprehensive, clear and simple to consume intelligence that has a high degree of relevance to security vendors and service providers.

File Reputation Feed

Avira’s  File Reputation feed contains the key attributes to enable the identification of clean and malware files.

The File Reputation Feed includes reputation data developed on Windows, Android, Binaries and Documents. It is delivered every 60 seconds with a delay of no more than 300 seconds, ensuring your intelligence is never out of date, and always valid. 

Features

File Information Includes
Hashes, time stamps, file size and formats.

Simple to Consume
Data is delivered in a simple to consume JSON format.

Secure and Reliable
Hosted in a secure Amazon S3 storage.

Easy Integration
Does not need special code or infrastructure (SDK or API) to be implemented.

Features

URL Information Including
Original URL, hashes, timestamps and classification.

Simple to Consume
Data is delivered in a simple to consume JSON format.

Secure and Reliable
Hosted in a secure Amazon S3 storage.

Easy Integration
Does not need special code or infrastructure (SDK or API) to be implemented.

Web Reputation Feed

Avira’s Web Reputation feed contains the key attributes to enable the identification of domains and URLs that contain malicious or potentially malicious content.

The Web Reputation Feed includes reputation data developed on the URL, including hashes, original URL timestamps and classification. It is delivered every 60 seconds with a delay of no more than 300 seconds, ensuring your intelligence is never out of date, and always valid.

File Intelligence Feed

Avira’s  File Intelligence Feed contains extensive, detailed and highly actionable intelligence developed by the Avira Protection Cloud.

The File Intelligence Feed includes intelligence  developed on Windows and Android files and is delivered every 60 seconds with a delay of no more than 300 seconds, ensuring your intelligence is never out of date, and always valid.

Features

File Information
Includes the basic data of hashes, timestamps, size and formats.

Classification Intelligence
Identifies the malware and its function.

Static Intelligence
includes the attributes of related certificates, and the association of the file with particular exploits.

Dynamic Intelligence
Provides the details of the impact on the file system, registry, network and API calls, injections and mutexes.

Infection Intelligence
Associated with the attack vectors and procedures used.

Operational Intelligence
Developed to provide details of the prevalence and source, and the summary of tactics and procedures.

Features

On-demand Threat Intelligence
Benefit from Avira’s threat intelligence database developed from three decades of malware analysis.

Delivered in Real-time 
Powerful hash evaluation technology and a database of over a billion entries provide immediate comparison with known threats.

Personalised Threat Intelligence
An option to upload all, or specific file types, and receive the analysis results (malware or clean) within seconds.

Platform Agnostic
Accessed using a REST API, architected for both Premise-to-Cloud and Cloud-to-Cloud integration.

Secure and Reliable
Delivered from the cloud, it’s highly available, reliable and scalable.

Direct or Cloud-Cloud Access
Flexible implementation makes it quick and  easy to start using.

File Reputation API

The File Reputation API provides simple, on-demand access to Avira's threat intelligence. It enables technology partners to submit a file hash for evaluation or upload a file to the Avira Protection Cloud for analysis.

Hash enquiries are evaluated, and a result returned within tens of milliseconds. If the hash is unrecognized, the suspicious file can be sent to the Avira Protection Cloud for full analysis. 

 

Web Reputation API

Avira’s Web Reputation API enables a real-time, site-specific query approach to identifying malicious URLs or inappropriate internet sites. Delivered as part of Avira’s portfolio of Threat Intelligence solutions, the API provides an on-demand, usage-based alternative to a threat intelligence feed of web reputation data. It is an ideal solution for Security as a Service, firewalls, routers, email scanning, web traffic scanning and internet content filtering.

Threat classifications inform whether a site or domain is blacklisted, contains PUA or is safe and clean. Content categorization delivers real time information on the domain compliant to IAB-1, tier 1 and 2.

Features

Threat Classification
Includes Safe, Malware, Spam, PUA, Phishing and more.

Content Categorization
400 categories compliant to IAB-1, tier 1 and tier 2.

Platform Agnostic
Accessed using a REST API, architected for both Premise-to-Cloud and Cloud-to-Cloud integration.

Real-time Response
Typically within 10mS.

Features

Threat Intelligence Reports
Cloud Sandbox API will deliver the most detailed analysis and intelligence of malware available.

Highly Scalable
Scale malware analysis without impacting internal systems or
having to purchase additional hardware.

On-demand
On-demand malware analysis service via a REST API.

Platform Agnostic
No local infrastructure, simple to integrate.

Cloud Sandbox API

In 2019 Avira’s Cloud Sandbox API will deliver detailed, file-specific, threat intelligence reports to threat analysts and incident response teams. It will provide valuable, actionable intelligence for enterprises and organizations who specialise in cybersecurity services, managed Security Operations Centers (SOC) or Security Information and Event Management (SIEM) services.

Avira’s Cloud Sandbox employs powerful Dynamic File Analysis™ systems to reveal the true intent of even the most obfuscated and hidden code. The highly sophisticated, secure, isolated and instrumented system accurately mimics all aspects of an end-user environment, defeating anti-analysis mechanisms, allowing code to execute fully.

Let's have a chat about how we can offer a tailored solution...

Build your own security systems with our anti-malware SDKs, enhance your threat intelligence.

Contact us