PolySwarm

PolySwarm is a file reputation tool specialized in detecting new and emerging malware. It is powered by a crowdsourced network of threat detection engines that are highly specialized, R&D focused and faster at detecting new malware; these engines detect threats more likely to be missed by existing solutions. PolySwarm uses its proprietary threat scoring algorithm, PolyScore™, to aggregate engines’ insights on submitted files and contextualizes them based on historical performance and field of expertise. The single, reliable score leads to better, more accurate file reputation.

PolySwarm Marketplace

As the volume and complexity of cyber threats increase, contextualizing and prioritizing incidents becomes critical. Enterprises struggle to hire enough malware analysts, and enterprise SOC teams are required to deal with an ever-growing queue of alerts. The industry needs to respond to incidents with tools that are effective and simple.

ThreatConnect aggregates and organizes feeds from multiple trusted partners, providing diverse threat intelligence within its platform. PolySwarm seamlessly integrates via API and allows ThreatConnect’s users to obtain file reputation services with a single click, in real-time, from a network of independent malware detection engines. PolySwarm enriches samples with diverse threat indicators and allows threat hunters and SOC analysts to search for and identify relationships between diverse malware families and threat indicators. PolySwarm also provides a final score derived from crowdsourced opinions (PolyScore™), a single number that reflects the likelihood that a given file contains malware.

PolySwarm uniquely addresses emergent and 0-day malware by using a network of research-driven engines that compete in real-time to detect malware. These engines are niche, highly specialized, and yield better accuracy rates within their field of expertise. Engines are economically rewarded for early and accurate detection and enterprises benefit from deeper coverage of the malware landscape and 0-day threats.

Use PolySwarm’s integration with ThreatConnect’s SOAR platform to analyze suspicious artifacts at scale, millions of times per day, and get real-time threat intelligence from a crowdsourced network of security experts and antivirus companies.

This app is developed and maintained by PolySwarm. To get this app, click the download button on the left.

PolySwarm Ransomware Threat Intelligence Feed

PolySwarm’s Ransomware feed app seamlessly integrates into the ThreatConnect Platform and allows users to obtain a high-quality listing of known ransomware and first-stage malware hashes along with associated metadata. One of the metadata fields is the PolyScore (denoted as the confidence rating), a single number that reflects the likelihood that a given file contains malware based on asserting engines' recent historical success with similar malware families and file types. PolySwarm uniquely addresses emergent and 0-day malware by using a network of research-driven and commercial malware detection engines that compete in real-time to detect malware.

To get this app, click the Download button on the left.
