AnsweredAssumed Answered

API to integrate third-party malware analysis tool into RSA Security Analytics Dashboard

Question asked by RSA Admin Employee on Nov 4, 2014
Latest reply on Nov 11, 2014 by RSA Admin

Hello,


I would like integrate a custom (third-party) malware analysis tool into the RSA Security Analytics Dashboard and display the analysis results along the results provided by the many options of the Malware Analysis (Spectrum) appliance. I did not find a way to add a custom malware analysis tool, just to enable exiting modules, such as GFI and ThreadGRID sandboxes, static analysis, AVs, etc. What I would like is to integrate a third-party analysis tool and then access the analysis results in the main dashboard of the RSA SA (e.g., under Investigation -> Malware Analysis).


Is this possible in the first place? If yes, is there a public API to achieve this integration? For instance, the Netwitness REST API was very useful in providing access to the incoming content to this third-party malware analysis tool, but I did not find any way to send the analysis results back.

 

Thank you!

Outcomes