IT:AD:Malware Detection
Summary
At this point in time (Q3/2017) consider using https://scanii.com/ if no organisation provided publicly available authorised confidential (ie https) API endpoint is available.
Notes
- SaaS based commercial API.
- Recommendation: Recommended.
- Commercial API that looks useful – but not enough information to provide comfort as to what happens to data.
- Recommendation: Hold, review periodically.
* http://www.attachmentscanner.com/
- a commercial ($99+/month) SaaS based API.
- Recommendation: Hold, review periodically.
- Fully owned subsidiary of Google, providing free, public API limited to 4 requests of any nature per minute.
- Recommendation: Do not use for sensitive data as malware infected media is shared with virus scanning companies.
* HerdProtect:
- Installed Windows product that requires an IaaS based instance if being used in the cloud.
- Recommendation: Not fit for purpose.
* https://www.metadefender.com/:
- Provides a free SaaS service to upload small files (<140Mb) using a form.(no API)
- Recommendations:
- Maybe form post could emulated, but would probably introduce brittleness. Avoid.
- Heavy, and expensive, providing multiple lines of defense.
- Recommendations: In most cases, it's overkill.
* https://virusscan.jotti.org/
- Free Linux based SaaS based Form upload, limited to 5 files per upload with 50MB limit per file. An API is provided for bulk scanning, price unknown.
- Recommendation: A couple of online threads mention it catching less than VirusTotal. Hold.
- Their mission is to provide a free, independent and non-commercial service to the security community. They provide an online form (no API), that uses VirusTotal – and therefore sensitive/classified data may be leaked.
- Recommendation: avoid.
* https://www.hybrid-analysis.com/
- Max 100Mb
- Upload Form
- Has API
- Free upload form limited to 20Mb. No API.
- Recommendation: prefer an api based offering.
* XRay
- Installation requires an IaaS instance if being used in the cloud.
- Recommendation: not fit for purpose.