Skip to main content
Version: Spectra Detect 5.7.2

Getting started with Spectra Detect

This guide walks you through logging in to Spectra Detect Manager (SDM), connecting to the Spectra Intelligence cloud, and running your first file analysis workflow.

What you'll accomplish:

  • Log in to Spectra Detect Manager
  • Connect to the Spectra Intelligence cloud
  • Configure your first scan input
  • Submit a file and view analysis results

Prerequisites

Before you begin:

  • Access to your organization's Spectra Detect deployment (or deployment credentials if setting up from scratch)
  • Familiarity with your chosen deployment model (OVA/AMI, K8s Mono, or K8s Micro)
  • For new deployments: access to the appropriate infrastructure (VMware/AWS for OVA/AMI, Kubernetes cluster for K8s deployments)
Initial credentials

Your initial SDM administrator username and password are provided by ReversingLabs Support. Change the default password after your first login.

Step 1: Access your deployment

Spectra Detect is available in two deployment models (OVA/AMI, K8s Micro). This guide assumes you have already deployed Spectra Detect or have access to an existing deployment.

For deployment instructions, see:

Step 2: Log in to Spectra Detect Manager

Spectra Detect Manager (SDM) is the central web interface for configuring Workers, monitoring analysis activity, and managing the cluster. It is available in OVA/AMI and K8s Micro deployments.

  1. Open your browser and navigate to the SDM URL provided by your administrator (for example, https://sdm.example.com).
  2. Log in with the administrator credentials provided by ReversingLabs Support.
  3. Change the default password when prompted.
note

SDM is not included in the K8s Micro deployment (v5.7). Refer to the AWS EKS Micro Deployment guide for configuration in that model.

Step 3: Configure the Spectra Intelligence cloud connection

Spectra Detect Manager must be connected to Spectra Intelligence to receive system updates, appliance upgrades, and cloud-enriched classification data. Without this connection, software updates cannot be delivered automatically and Deep Cloud Analysis will not be available.

  1. In SDM, navigate to Administration > Spectra Detect Manager.
  2. Scroll to the Spectra Intelligence section.
  3. Select the Enable Spectra Intelligence checkbox.
  4. Enter your Spectra Intelligence username and password.
  5. Select Save. SDM will restart and begin polling Spectra Intelligence every 60 minutes.

If the connection fails, verify that your network allows outbound HTTPS (port 443) to appliance-api.reversinglabs.com. See Network Ports for the full list of required ports.

note

If you do not yet have Spectra Intelligence credentials, contact ReversingLabs Support.

Step 4: Configure a scan input

Configure at least one file input source so Spectra Detect knows where to pick up files for analysis.

  1. In SDM, navigate to Configuration > Analysis Input.
  2. Select your input type (S3 bucket, ICAP, network share, or API submission).
  3. Enter connection details and authentication credentials.
  4. Select Save.

For detailed input options, see Analysis Input Configuration.

Step 5: Submit a file and view results

Once a scan input is configured, files submitted through that input are automatically analyzed by Spectra Core.

To verify analysis is working:

  1. Submit a test file through your configured input.
  2. Open the Dashboard in SDM.
  3. Confirm the file appears with a classification (Malicious, Suspicious, Goodware, or Unknown).
  4. Select the file to view its full analysis report.

Step 6: Configure YARA rules (optional)

Spectra Detect supports custom YARA rules for detection of specific file patterns. Rules can be uploaded through SDM and are automatically synchronized across all connected Workers.

Next steps

Now that you've configured your first scan input and verified analysis is working, explore the full capabilities of Spectra Detect: