File analysis API enables your organization to optimize unstructured data, identify risk across data and applications, and enable smarter cloud migrations. It also helps you address compliance and security challenges while reducing the threat of data loss, productivity loss, and end-user disruption.
File analysis options help you control which types of files Content Gateway sends to the malware lab for advanced analysis. For example, you can choose to analyze all executable files and only scan HTTP and HTTPS URLs. To use these options, select File Type Options in the Content Gateway Platform drop-down menu.
Unveiling Insights: The Power of File Analysis APIs in Cybersecurity
To see the file analysis results, you must log in to the Kaspersky Threat Intelligence Portal. You can do this from the web interface by signing in with your account and clicking Sign in to the Sandbox. In the resulting dialog, enter file hash> and API token> to get the dynamic file analysis report for the specified file.
The report shows the file’s file extension if it exists, and a verdict such as malicious, suspicious, harmless, or undetected. The verdict is based on the analysis performed by malware labs using file genetic similarity intersection machine learning, suspicious file attributes identification, Deep Anti-Malware scanning, industry detection coverage, and other methods. The report also contains additional information such as the file’s size, engine name and update date, and the number of AV engines that reach a timeout when analyzing the file.
File analysis solutions can perform detailed file classification, identifying sensitive data such as PII, PCI, and PHI; and cleaning up legacy and unmanaged files in email repositories, file shares, SharePoint sites, and cloud repositories. They can also help organizations save on storage costs by identifying and automatically deleting dark data that is misplaced, duplicated, obsolete, or trivial.