Sophos, a cybersecurity solution provider, recently announced the availability of SophosLabs Intelix. The new threat intelligence and analysis platform is a cloud-based solution that empowers developers to build applications with enhanced security. Applications can call the Sophos platform for a cybersecurity threat analysis through API calls.
"Sophos is building a global community around its APIs to spark innovation among developers," Joe Levy, Sophos CTO, commented in a press release. "By exposing a variety of intelligence from SophosLabs directly through RESTful APIs, we're making it simpler than ever before to quickly and easily integrate threat intelligence into new and existing applications and operations."
Through API calls, applications can receive static and dynamic analysis, queries on file hashes, URLs, IP addresses, and much more. From a very practical perspective, API calls are essentially asking questions like "Is this file safe?" and Intelix is providing an answer. The platform updates in real time and includes petabytes of new and historical data from sources like Sophos telemetry, network, and mobile security solutions, honeypots, spam traps, 30 years of research, and more.
The three primary categories under the platform are real-time lookups, static file analysis, and dynamic file analysis. Real-time lookups allow an integrated application to receive quick classification of artifacts by querying file hashes, URLs, IPs or Android application thumbprints. Static file analysis uses many machine learning models, global reputation, and deep file scanning without needing to execute the file in real time. Dynamic file analysis carries out classification in sandboxes so that runtime detection techniques can be used safely. To learn more, check out the SophosLabs site.