A SaaS service based on file hash query, providing the reputation values, threat types and rich context information of billions of files. It can provide key support to threat identification, incident analysis, intelligence analysis and threat hunting. 360 File Reputation can provide customer with a more reasonable result with the help of techniques such as multi-engine static detection, dynamic analysis of behaviors, whitelist analysis, and manual analysis.
-
Techniques like polymorphic obfuscation, encryption & deformation, dynamic creation are commonly used in malicious attacks nowadays. While it’s difficult to meet those challenges using traditional detection methods, file reputation can help analysts focusing on large numbers of new samples and malware families and making timely identifications.
Improved Detection Result
With the help of 360 cloud computing resource and the advantage of a professional security team, the detection result of file reputation would be a result of various kinds of methods, and can surely be improved to cope with complex samples.
Reduce False Positive Alarm from Local Engine
File reputation, as it’s related to multi-techniques analysis, whitelist analysis and manual identification process, can effectively reduce the false positive rate.
Accelerated Incident Response
File reputation contains rich context information, such as threat types, malware families, attack groups, trends, related platforms, file types, etc., to help quickly developing risk elimination and incident response strategies.
-
The world’s largest Sample Database
With years of cybersecurity-related big data accumulation, 360 has nearly 30 billion pieces of file reputation intelligence, and can deal with up to 10 million new files per day.
-
Accurate Identification of Files
With the help of techniques such as anti-virus engines, active defense methods, AI analysis, Homology analysis of samples and dynamic analysis of behaviors, 360 can provide reasonable results under mature operations.
-
Flexible Deployment Solutions
With SaaS-based cloud capability, standard APIs, it is easy to integrate with various kinds of devices such as gateway-related devices or terminals/endpoint devices.
Threat Intelligence subscription
360 Threat Intelligence Platform
360 Network Traffic Threat Analysis
360 Local Security Team
360 Endpoint Security Management System