- The web interface is updated to ensure a smooth user experience as new features are introduced.
- More detailed information on submitted files through their static analysis is added. It provides data on the Portable Executable (PE) files structure and extracted strings. The PE format relates to files running on Windows and contains information on how the operating system should execute their code. Based on the results of the analysis, security researchers can identify the object’s functionality and, as long as it has non-typical artifacts, reveal its harmful potential, even if the malware was previously unknown. The results can also be used to create indicators of compromise, detection heuristics, and rules.
- Behavior detection technology is now added to our multi-layered detection approach as one of the most efficient ways to detect advanced threats like fileless malware, ransomware, and zero-day malware.
- New privileged features for registered users through free community access are introduced:
- An ability to connect applications with the service via the RESTful API, to automate requests for checking dangerous objects, and get query results in the form of a JSON file and without visiting the web service.
- To increase privacy, a special submission mode that enables file or indicators checking in a way that the results are not available to others until they submit an object themselves.
- The full history of searches (both private and public).
- Russian localization of Kaspersky Threat Intelligence Portal and Help is now available.