Threat Intelligence

Avira’s Threat Intelligence Feeds are unique because they provide comprehensive, clear and simple to consume intelligence that has a high degree of relevance to security vendors and service providers.

File Reputation Feed

Avira’s  File Reputation Feed contains the key attributes to enable the identification of clean and malware files.

The File Reputation Feed includes reputation data developed on Windows, Android, binaries and documents. It is delivered every 60 seconds with a delay of no more than 300 seconds ensuring your intelligence is never out of date, and always valid. 

Features

File information includes
Hashes, time stamps, file size, and formats.

Easy to consume
Data is delivered in an easy-to-consume JSON format.

Secure and reliable
Hosted in a secure Amazon S3 service.

Easy integration
Does not require implementation of special code or infrastructure (SDK or API).

Features

URL information including
Original URL, hashes, timestamps and classification.

Easy to consume
Data is delivered in an easy-to- consume JSON format.

Secure and reliable
Hosted in a secure Amazon S3 service.

Easy integration
Does not require implementation of special code or infrastructure (SDK or API).

Web Reputation Feed

Avira’s Web Reputation Feed contains the key attributes to enable the identification of domains and URLs that contain malicious or potentially malicious content.

The Web Reputation Feed includes reputation data developed on the URL, including hashes, original URL timestamps, and the classification. It is delivered every 60 seconds with a delay of no more than 300 seconds ensuring your intelligence is never out of date, and always valid.

File Intelligence Feed

Avira’s  File Intelligence Feed contains extensive, detailed, and highly actionable intelligence developed by the Avira Protection Cloud.

The File Intelligence Feed includes intelligence  developed on Windows and Android files, and is delivered every 60 seconds with a delay of no more than 300 seconds ensuring your intelligence is never out of date, and always valid.

Features

File information
Includes the basic data on hashes, timestamps, size, and formats.

Classification intelligence
Identifies the malware and its function.

Static intelligence
Includes the attributes of related certificates, and the association of the file with particular exploits.

Dynamic intelligence
Provides the details of the impact on the file system, registry, network and API calls, injections, and mutexes.

Infection intelligence
Delivers intelligence associated with the attack vectors and procedures used.

Operational intelligence
Developed to provide details on the prevalence and source, and a summary of tactics and procedures.

Features

On-demand threat intelligence
Benefit from Avira’s threat intelligence database developed on the basis of three decades of malware analysis.

Delivered in real-time 
Powerful hash evaluation technology and a database of over a billion entries provide immediate comparison with known threats.

Personalized threat intelligence
Option to upload all, or specific file types, and receive the analysis results (malware or clean) within seconds.

Platform agnostic
Accessed using a REST API, architected for both premise-to-cloud and cloud-to-cloud integration.

Secure and reliable
Delivered from the cloud, it’s highly available, reliable, and scalable.

Direct or cloud-to-cloud access
Flexible implementation makes it quick and  easy to get started.

File Reputation API

The File Reputation API provides simple, on-demand access to Avira's threat intelligence. It enables technology partners to submit a file hash for evaluation or upload a file to the Avira Protection Cloud for analysis.

Hash inquiries are evaluated, and a result returned within tens of milliseconds. If the hash is unrecognized, the suspicious file can be sent to the Avira Protection Cloud for full analysis. 

 

Web Reputation API

Avira’s Web Reputation API offers a real-time, site-specific query approach to identifying malicious URLs and inappropriate internet sites. Delivered as part of Avira’s portfolio of threat intelligence solutions, the API provides an on-demand, usage-based alternative to a threat intelligence feed of web reputation data. It is an ideal solution for Security as a Service applications, firewalls, routers, email and web traffic scanning as well as internet content filtering.

Threat classifications provides information on  whether a site or domain is blacklisted, contains PUAs, or is safe and clean. Content categorization delivers real-time information on the domain compliant with IAB-1, tier 1 and 2.

Features

Threat classification
Includes safe, malware, spam, PUA, phishing and more.

Content categorization
400 categories compliant with IAB-1, tier 1 and tier 2.

Platform agnostic
Accessed using a REST API, architected for both premise-to-cloud and cloud-to-cloud integration.

Real-time response
Typically within 10ms.

Features

Threat intelligence reports
The Cloud Sandbox API will deliver an unparalleled level of detail in terms of malware analysis and intelligence.

Highly scalable
Scale malware analysis without impacting internal systems or
having to purchase additional hardware.

On-demand
On-demand malware analysis service via a REST API.

Platform agnostic
No local infrastructure, easy to integrate.

Cloud Sandbox API

Launching in 2019, Avira’s Cloud Sandbox API will deliver detailed, file-specific, threat intelligence reports to threat analysts and incident response teams. It will provide valuable, actionable intelligence for enterprises and organizations that specialize in cybersecurity services, managed security operations centers (SOCs) or security information and event management (SIEM) services.

Avira’s Cloud Sandbox will employ powerful Dynamic File Analysis™ systems to reveal the true intent of even the most obfuscated and hidden code. The highly sophisticated, secure, isolated and instrumented system accurately mimics all aspects of an end-user environment, defeating anti-analysis mechanisms and allowing code to execute fully.

Let's have a chat about how we can offer you a tailored solution...

Enhance your own threat intelligence with Avira's unique, comprehensive, and easy-to-consume cyber-threat feeds. Contact your local integration team now:

Contact us