With this API you can detect Windows malware process behaviors.
Consider this API as a
cloud Windows process behavior detection API that can be included into any security software to add an additional process safety check. It can be used also to scan logs of processes executed in a Windows system to spot suspicious processes behaviors. You just need to submit the process details (process, command-line, signer, parent, etc) and our API will scan the process
behavior and provide a risk score from 0 (good) to 100 (bad).
Register and get 25 free API credits
This API can detect post-exploitation behaviors, such as a malware payload executed
via a Microsoft Office (Word, Excel, etc) maldoc, can detect Windows processes located in suspicious locations,
or any other suspicious Windows process behavior that is not "normal". This JSON API can be
used in threat prevention to accurately detect a suspicious process
before it is executed in the system, or in threat detection and SIEM to analyze events
of already executed processes.
Our API uses thousands of sophisticated internal rules to detect suspicious Windows process behaviors, a smart addition to your current threat intelligence platform or Windows security products.
The API can detect suspicious Windows process behaviors within a few seconds, generally it can take from less than 1 second to up to 3 seconds for some cases. We made sure the results are provided very quickly.
To consume this API service you can use your global credits. So each time you make
one API query, our system will decrease N credits. With your credits you can use all our API services!
Purchased credits need to be consumed within 1 year. Below you can find how many
credits are decreased for each API query with Process Behavior API:
0.08 Credits /Query
Have questions? Don't hesitate to contact us directly via email.
If you don't receive a reply in one or two business days, please re-send the message.
Here is our email (it is an image to prevent spam):