Threat Intelligence Search API
The Threat Intelligence Search API at OPSWAT has multiple offerings:
Pattern Search (expression search): Expression search looks for specific patterns or expressions within threat intelligence data. It focuses on finding exact matches of predefined expressions such as malware families, malware threat names, AV detection filtering, first/last seen, etc. By performing expression searches, security professionals can quickly identify known threats or indicators associated with specific malware, campaigns, or threat actors. It is a highly effective method for detecting previously identified threats and known attack patterns.
Similarity Search: Similarity search looks for patterns or indicators that are similar to known threats or IOCs, even if they are not exact matches. Instead of relying on exact matches, this approach uses algorithms and techniques such as clustering or machine learning to identify similarities between data points. Similarity search is useful when dealing with variations or mutations of known threats, where attackers may slightly modify their tactics to evade detection. By identifying similar patterns or behaviors, security professionals can uncover new or emerging threats that share characteristics with known malicious activities.
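The difference between the two search types, shown as an added example that is not OPSWAT code and does not call the OPSWAT API. The records, field names, and feature strings are constructed for illustration, and Jaccard set similarity stands in for the clustering or machine-learning techniques mentioned above.

```python
from datetime import date

# Constructed records; field names and values are assumptions for illustration.
RECORDS = [
    {"id": "sample-A", "family": "examplebot", "av_detections": 41,
     "first_seen": date(2023, 3, 1),
     "features": {"imp:VirtualAlloc", "imp:InternetOpenA", "imp:RegSetValueExA",
                  "sec:.packed", "str:update-check", "mutex:ebot"}},
    {"id": "sample-B", "family": "examplebot", "av_detections": 38,
     "first_seen": date(2023, 5, 10),
     "features": {"imp:VirtualAlloc", "imp:InternetOpenA", "imp:RegSetValueExA",
                  "sec:.packed", "str:update-check", "mutex:ebot2"}},
    # Modified variant: no family label yet and few AV detections.
    {"id": "sample-C", "family": None, "av_detections": 3,
     "first_seen": date(2024, 1, 15),
     "features": {"imp:VirtualAlloc", "imp:InternetOpenA", "imp:RegSetValueExA",
                  "sec:.packed", "mutex:ebot", "str:telemetry"}},
    {"id": "sample-D", "family": "otherfam", "av_detections": 50,
     "first_seen": date(2022, 11, 2),
     "features": {"imp:VirtualAlloc", "imp:CryptEncrypt", "sec:.text", "str:readme"}},
]

def expression_search(records, family=None, min_detections=0, first_seen_after=None):
    """Exact-match filter over labelled fields (pattern/expression search)."""
    hits = []
    for r in records:
        if family is not None and r["family"] != family:
            continue
        if r["av_detections"] < min_detections:
            continue
        if first_seen_after is not None and r["first_seen"] <= first_seen_after:
            continue
        hits.append(r["id"])
    return hits

def jaccard(a, b):
    """Shared features divided by all features seen in either set."""
    union = a | b
    return len(a & b) / len(union) if union else 0.0

def similarity_search(records, query_features, threshold=0.6):
    """Rank records by feature overlap with the query; labels are not consulted."""
    scored = [(r["id"], jaccard(query_features, r["features"])) for r in records]
    return sorted((s for s in scored if s[1] >= threshold), key=lambda s: (-s[1], s[0]))

if __name__ == "__main__":
    print(expression_search(RECORDS, family="examplebot", min_detections=10))
    print(similarity_search(RECORDS, RECORDS[0]["features"]))
```

The unlabelled variant `sample-C` is missed by the exact-match query but is returned by the similarity query because it shares most features with `sample-A`.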
How to obtain an API key for the Threat Intelligence Search API:
Create an MD Cloud API key at metadefender.opswat.com (Default limit: 25)
Download the Postman collection and import it into Postman
Reach out to your OPSWAT Representative or email stephanie.luangraj@opswat.com to upgrade limits
To find out more, visit here or view the MetaDefender Cloud Store for purchasing options.