# ReversingLabs Documentation > Technical documentation for ReversingLabs file analysis, threat intelligence, and malware detection products. ReversingLabs provides enterprise-grade file analysis and threat intelligence solutions powered by Spectra Core, a proprietary static analysis engine that decomposes and analyzes 400+ file formats. This documentation covers product deployment, API integration, malware analysis workflows, and security configuration. Key concepts: - **Spectra Core**: Static file analysis engine that powers all ReversingLabs products - **Classification**: Algorithm determining file security status (malicious, suspicious, goodware, unknown) - **Risk Score**: Numeric value (0-10) indicating malware likelihood - **Static Analysis**: File examination without execution - **Threat Intelligence**: Cloud-based file reputation and malware analysis data ## Product-Specific Documentation For smaller, product-focused LLM files: - [Spectra Analyze](/llms-spectra-analyze.txt) - Malware analysis appliance - [Spectra Detect](/llms-spectra-detect.txt) - Enterprise file analysis platform - [Spectra Intelligence](/llms-spectra-intelligence.txt) - Cloud threat intelligence API - [File Inspection Engine](/llms-file-inspection-engine.txt) - Containerized file analysis - [T1000](/llms-t1000.txt) - Threat intelligence appliance ## RAG-Ready Archives For uploading to ChatGPT/Claude or custom RAG systems: - [All Products](/reversinglabs-docs-rag.zip) - Complete documentation archive - [Spectra Analyze](/reversinglabs-spectraanalyze-docs-rag.zip) - Product-specific archive - [Spectra Detect](/reversinglabs-spectradetect-docs-rag.zip) - Product-specific archive - [Spectra Intelligence](/reversinglabs-spectraintelligence-docs-rag.zip) - Product-specific archive - [File Inspection Engine](/reversinglabs-fileinspectionengine-docs-rag.zip) - Product-specific archive - [T1000](/reversinglabs-t1000-docs-rag.zip) - Product-specific archive - [General Concepts](/reversinglabs-general-docs-rag.zip) - Shared reference documentation ## Table of Contents - [General Concepts and Reference — ReversingLabs](https://docs.reversinglabs.com//docs/General/index.md): Core concepts, terminology, and reference documentation shared across ReversingLabs products: file analysis fundamentals, classification, deploymen... - [Getting started with Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/getting-started.md): Get started with Spectra Analyze: configure the Spectra Intelligence cloud connection, access the web interface, upload your first file for analysi... - [Spectra Analyze — Malware Analysis for Threat Analysts](https://docs.reversinglabs.com//docs/SpectraAnalyze/index.md): Malware analysis appliance combining Spectra Core static decomposition with Spectra Intelligence threat data. Analyze 400+ file formats, collaborat... - [Getting Started with Spectra Detect — First Login, SDM Setup, and File Analysis](https://docs.reversinglabs.com//docs/SpectraDetect/getting-started.md): Log in to Spectra Detect Manager, connect to Spectra Intelligence, configure your first scan input, and submit a file to view analysis results in t... - [Spectra Detect — Enterprise File Analysis and Malware Detection Platform](https://docs.reversinglabs.com//docs/SpectraDetect/index.md): Learn how Spectra Detect scales static file analysis from 100K to 100M files/day across Workers, Hubs, and SDM in OVA/AMI and Kubernetes deployments. - [Spectra Intelligence Quick Start — First API Call in Minutes](https://docs.reversinglabs.com//docs/SpectraIntelligence/getting-started.md): Get API credentials, authenticate with HTTP Basic Auth, and run your first Spectra Intelligence file reputation lookup using tca-0101. - [Spectra Intelligence API — Authentication, Rate Limits & Endpoints](https://docs.reversinglabs.com//docs/SpectraIntelligence/general.md): Learn how to authenticate, format requests, and interpret rate limits and response codes for Spectra Intelligence TCA and TCF endpoints. - [Getting started with File Inspection Engine](https://docs.reversinglabs.com//docs/FileInspectionEngine/getting-started.md): Run File Inspection Engine with Docker in minutes: pull the container, configure your license, submit a file to the HTTP API, and read the malware ... - [File Inspection Engine](https://docs.reversinglabs.com//docs/FileInspectionEngine/index.md): Containerized file analysis service for real-time malware scanning via HTTP API. Runs on Docker or Kubernetes, analyzes 400+ formats on-premises. - [Getting started with T1000](https://docs.reversinglabs.com//docs/T1000/getting-started.md): Get started with the T1000 appliance: authorize the appliance, apply a license, create an API user, and run your first file reputation lookup. - [T1000](https://docs.reversinglabs.com//docs/T1000/index.md): Documentation for ReversingLabs T1000, a high-performance network appliance for real-time file inspection. - [Example values.yaml file](https://docs.reversinglabs.com//docs/FileInspectionEngine/Deployment/Examples/values.md): File Inspection Engine Helm chart example values.yaml configuration file with defaults for storage, service and ingress settings. - [Air-Gapped Kubernetes Deployment](https://docs.reversinglabs.com//docs/FileInspectionEngine/Deployment/air-gapped-kubernetes.md): How to manually deploy the application in a Kubernetes cluster without network access. - [Docker Deployment — File Inspection Engine](https://docs.reversinglabs.com//docs/FileInspectionEngine/Deployment/docker.md): Deploy File Inspection Engine with Docker: pull from the ReversingLabs registry, configure the license, set environment variables, and sync threat ... - [Deploying File Inspection Engine: Requirements & Architecture](https://docs.reversinglabs.com//docs/FileInspectionEngine/Deployment/index.md): File Inspection Engine deployment: hardware requirements, Spectra Core instance sizing, and guides for Docker, Kubernetes, and air-gapped setups. - [Kubernetes Deployment — File Inspection Engine](https://docs.reversinglabs.com//docs/FileInspectionEngine/Deployment/kubernetes.md): Deploy File Inspection Engine on Kubernetes with Helm. Covers GKE setup, chart configuration, persistent storage, and Spectra Core instance scaling. - [File Inspection Engine Configuration Reference](https://docs.reversinglabs.com//docs/FileInspectionEngine/configuration.md): Complete configuration reference for File Inspection Engine: core instance counts, concurrency limits, timeouts, file size, proxy settings, and thr... - [File Inspection Engine Troubleshooting Guide](https://docs.reversinglabs.com//docs/FileInspectionEngine/troubleshooting.md): Fix common File Inspection Engine issues: container startup failures, threat database errors, analysis timeouts, OOM kills, and license validation ... - [File Inspection Engine API Reference](https://docs.reversinglabs.com//docs/FileInspectionEngine/usage.md): File Inspection Engine API: /scan for malware verdicts, hash lookups, /readyz and /status endpoints, concurrency limits, timeouts, and error respon... - [Analysis Timeout Issues](https://docs.reversinglabs.com//docs/General/AnalysisAndClassification/AnalysisTimeout.md): Understanding and resolving file analysis timeout issues in ReversingLabs products. - [Antivirus Result Availability](https://docs.reversinglabs.com//docs/General/AnalysisAndClassification/AntivirusResultAvailability.md): Learn how long it typically takes for antivirus results to appear after uploading or rescanning a sample in Spectra Intelligence. - [Certificate Revocation](https://docs.reversinglabs.com//docs/General/AnalysisAndClassification/Certificate-revocation.md): Learn how ReversingLabs tracks and adjusts certificate revocation dates, and how this affects sample classification and search results. - [File Classification and Risk Scoring — ReversingLabs](https://docs.reversinglabs.com//docs/General/AnalysisAndClassification/Classification.md): File classification assigns risk scores (0-10) and threat verdicts (malicious, suspicious, goodware, unknown) using Spectra Core analysis. Learn ho... - [Handling False Positives](https://docs.reversinglabs.com//docs/General/AnalysisAndClassification/FalsePositives.md): How ReversingLabs identifies and corrects false positives reported by customers. - [ReversingLabs malware naming standard](https://docs.reversinglabs.com//docs/General/AnalysisAndClassification/MalwareNamingStandard.md): Outlines the standardized naming conventions used by ReversingLabs to identify and classify malware, ensuring consistency and clarity in threat rep... - [Risk score reference table](https://docs.reversinglabs.com//docs/General/AnalysisAndClassification/RiskScoreTable.md): Presents a detailed table correlating classifications, trust factors, threat levels, and risk scores, offering insights into how risk assessments a... - [How Spectra Core analysis works](https://docs.reversinglabs.com//docs/General/AnalysisAndClassification/SpectraCoreAnalysis.md): Learn how the Spectra Core analysis process works and what happens with files and samples in each of the analysis steps. - [Spectra Intelligence Detection Rate](https://docs.reversinglabs.com//docs/General/AnalysisAndClassification/SpectraIntelligenceDetectionRate.md): Understand the common causes of a low detection rate in Spectra Intelligence and how to address them. - [Static Analysis Rescans](https://docs.reversinglabs.com//docs/General/AnalysisAndClassification/StaticAnalysisRescans.md): Understand when static analysis rescans happen in ReversingLabs products and how to trigger them manually via API or support requests. - [YARA and Spectra Core](https://docs.reversinglabs.com//docs/General/AnalysisAndClassification/YARASpectraCore.md): Explores the integration of YARA, a tool for pattern matching, with Spectra Core, detailing how custom rules can be utilized to identify and classi... - [File Analysis Approaches](https://docs.reversinglabs.com//docs/General/AnalysisAndClassification/file-analysis-approaches.md): Compare file analysis approaches: hash reputation lookup, full static analysis, and sandbox execution. Understand speed and depth tradeoffs and whi... - [Spectra Analyze vs. Spectra Intelligence](https://docs.reversinglabs.com//docs/General/AnalysisAndClassification/spectra-analyze-vs-spectra-intelligence.md): Compare Spectra Analyze and Spectra Intelligence: deployment models, use cases, API vs. UI access, and when to use each product or both together. - [Static vs. Dynamic Analysis](https://docs.reversinglabs.com//docs/General/AnalysisAndClassification/static-vs-dynamic-analysis.md): Compare static and dynamic file analysis approaches: how each works, their strengths and limitations, and how ReversingLabs products combine both f... - [Cloud Deployment Options — AWS, Azure, and GCP](https://docs.reversinglabs.com//docs/General/DeploymentAndIntegration/CloudDeploymentOptions.md): ReversingLabs cloud deployment options including AWS, Azure, and Google Cloud Platform for Spectra Analyze and Spectra Detect appliances. - [Firewall and network connections](https://docs.reversinglabs.com//docs/General/DeploymentAndIntegration/FirewallNetworkConnections.md): Lists the required network ports, protocols, and endpoint connections for Spectra Appliances, including communication between internal components, ... - [Hardware Requirements for ReversingLabs Appliances](https://docs.reversinglabs.com//docs/General/DeploymentAndIntegration/PlatformRequirements.md): Hardware specifications for Spectra Analyze, Spectra Detect, File Inspection Engine, and T1000 appliances: CPU, RAM, storage, IOPS, and AWS instanc... - [Artifact security and provenance verification (SLSA)](https://docs.reversinglabs.com//docs/General/DeploymentAndIntegration/SLSA.md): Instructions for verifying the authenticity and integrity of ReversingLabs artifacts using SLSA provenance and Cosign. - [Installing Spectra Core on Debian-Based Linux Distributions](https://docs.reversinglabs.com//docs/General/DeploymentAndIntegration/SpectraCoreDebian.md): Step-by-step guide to convert Spectra Core RPM packages to DEB format and install on Debian, Ubuntu, and other Debian-based Linux distributions usi... - [Supported Product Versions](https://docs.reversinglabs.com//docs/General/DeploymentAndIntegration/SupportedProductVersions.md): Learn which ReversingLabs product versions are supported and where to find documentation for them. - [OAuth 2.0 and OpenID Connect](https://docs.reversinglabs.com//docs/General/SecurityAndAccessControl/OpenID.md): Provides an overview of the OAuth 2.0 and OpenID Connect protocols, explaining their roles in authentication and authorization processes within Rev... - [Privacy & Data Sharing](https://docs.reversinglabs.com//docs/General/SecurityAndAccessControl/Privacy.md): Details ReversingLabs' approach to data privacy, including policies and practices implemented to protect user information and ensure compliance wit... - [SAML Configuration](https://docs.reversinglabs.com//docs/General/SecurityAndAccessControl/SAML.md): Discusses the Security Assertion Markup Language (SAML) standard and its application in facilitating single sign-on (SSO) and other security assert... - [Verified Software and Package Identities — Spectra Core](https://docs.reversinglabs.com//docs/General/SpectraCore/appid-software.md): Complete reference of Spectra Core verified software identities including applications, LOLBins, LOLDrivers, steganography tools, hacker tools, and... - [Spectra Core certificate trust store](https://docs.reversinglabs.com//docs/General/SpectraCore/cert-trust-store.md): Complete list of trusted certificates in Spectra Core with common names, serial numbers, and SHA1/SHA256 thumbprints for validation. - [Spectra Core Tags Reference — File Classification and Security](https://docs.reversinglabs.com//docs/General/SpectraCore/core-tags.md): Complete reference of Spectra Core tags for file classification, digital signatures, certificate validation, vulnerabilities, and security characte... - [Known Vulnerabilities and CVE Database — Spectra Core](https://docs.reversinglabs.com//docs/General/SpectraCore/cve-list.md): Comprehensive database of known vulnerabilities detected by Spectra Core including CVE listings and format malformation exploits used in static fil... - [Security Grades and Codes](https://docs.reversinglabs.com//docs/General/SpectraCore/grade_codes.md): Reference for Spectra Core security grades (A-F) and detailed grade codes (RC, WC, SC) assigned during static analysis. - [Spectra Core Indicators](https://docs.reversinglabs.com//docs/General/SpectraCore/indicators.md): Reference for Spectra Core behavior indicators that identify file operations, registry access, debugger detection, and other suspicious activities. - [Native binary file types and identifications](https://docs.reversinglabs.com//docs/General/SpectraCore/report-native-binary.md): SpectraCore native binary file types and identifications for analyzing uncompressed executable and archive binary files. - [Native ELF SFX file types and identifications](https://docs.reversinglabs.com//docs/General/SpectraCore/report-native-elf-sfx.md): SpectraCore native ELF self-extracting file types supporting 32/64-bit big and little endian architectures. - [Native ELF file types and identifications](https://docs.reversinglabs.com//docs/General/SpectraCore/report-native-elf.md): SpectraCore native ELF file types and identifications for Linux/Unix executable formats in multiple architectures. - [Native multimedia file types and identifications](https://docs.reversinglabs.com//docs/General/SpectraCore/report-native-multimedia.md): SpectraCore multimedia file types including audio, video, image, document formats and media containers. - [Native PE SFX file types and identifications](https://docs.reversinglabs.com//docs/General/SpectraCore/report-native-pe-sfx.md): SpectraCore native PE self-extracting file types and identifications for Windows executables and libraries. - [Native PE file types and identifications](https://docs.reversinglabs.com//docs/General/SpectraCore/report-native-pe.md): SpectraCore native PE file types including executables and libraries for Windows platform analysis. - [Native script file types and identifications](https://docs.reversinglabs.com//docs/General/SpectraCore/report-native-script.md): SpectraCore native script file types and identifications for analyzing interpreted programming languages. - [Native text file types and identifications](https://docs.reversinglabs.com//docs/General/SpectraCore/report-native-text.md): SpectraCore native text file types and identifications covering plain text and source code formats. - [Native File Types and Subtypes — Spectra Core](https://docs.reversinglabs.com//docs/General/SpectraCore/report-section.md): Complete reference of Spectra Core native file types and subtypes including binary, text, PE, ELF, and multimedia formats supported for static anal... - [Supported Unpacking Formats — Spectra Core](https://docs.reversinglabs.com//docs/General/SpectraCore/report-unpacking.md): Complete list of 400+ unpacking formats supported by Spectra Core including packers, archives, installers, and self-extracting executables for malw... - [Spectra Analyze Enrichment App Activation — Anomali ThreatStream](https://docs.reversinglabs.com//docs/Integrations/Anomali/ThreatStream/analyze-activiation-guide.md): Setup and configuration guide for Spectra Analyze Premium Enrichment app in Anomali ThreatStream for IOC enrichment with file analysis and classifi... - [Spectra Intelligence Enrichment App Activation — Anomali ThreatStream](https://docs.reversinglabs.com//docs/Integrations/Anomali/ThreatStream/intelligence-activation-guide.md): Setup and configuration guide for Spectra Intelligence Premium Enrichment app in Anomali ThreatStream for IOC enrichment with file reputation and t... - [Ransomware TAXII Feed Activation](https://docs.reversinglabs.com//docs/Integrations/Anomali/ThreatStream/ransomware-feed-activation.md): This article describes how to setup and configure the ReversingLabs Ransomware Feed for Anomali ThreatStream. - [Spectra Intelligence Service Installation Guide — Assemblyline](https://docs.reversinglabs.com//docs/Integrations/Assemblyline/user-guide.md): Installation and configuration guide for ReversingLabs Spectra Intelligence service in Assemblyline including service manifest setup and file reput... - [Changelog](https://docs.reversinglabs.com//docs/Integrations/Browser Extension/changelog.md): View the changelog for the ReversingLabs Browser Extension. - [Enterprise Deployment and Configuration — Browser Extension](https://docs.reversinglabs.com//docs/Integrations/Browser Extension/enterprise-deployment.md): Enterprise deployment guide for ReversingLabs Browser Extension including group policy configuration, credential management, and organization-wide ... - [Individual Installation and Setup — Browser Extension](https://docs.reversinglabs.com//docs/Integrations/Browser Extension/individual-setup.md): Installation and configuration guide for individual users setting up the ReversingLabs Browser Extension for Chrome and Edge with Spectra Analyze o... - [ReversingLabs Browser Extension Overview](https://docs.reversinglabs.com//docs/Integrations/Browser Extension/overview.md): Browser extension for Chrome and Edge that integrates Spectra Analyze and Spectra Intelligence with automatic file scanning, URL checking, and IOC ... - [User Guide — ReversingLabs Browser Extension](https://docs.reversinglabs.com//docs/Integrations/Browser Extension/user-guide.md): Complete user guide for ReversingLabs Browser Extension including IOC highlighting, file scanning, URL checking, and side panel features for Chrome... - [Corelight Integration — Network File Analysis and Malware Detection](https://docs.reversinglabs.com//docs/Integrations/Corelight/corelight-integration.md): ReversingLabs integration with Corelight NDR platform for automated network file extraction, analysis, and malware detection using Zeek sensors. - [F5 BIG-IP LTM Integration — ICAP Connector Setup](https://docs.reversinglabs.com//docs/Integrations/ICAP/f5.md): Complete integration guide for Spectra Detect ICAP Connector with F5 BIG-IP Local Traffic Manager including REQMOD, RESPMOD, and ICAPS configuration. - [Kiteworks Integration — ICAP Connector Setup](https://docs.reversinglabs.com//docs/Integrations/ICAP/kiteworks.md): Integration guide for Spectra Detect ICAP Connector with Kiteworks secure file sharing platform including security scanning configuration. - [Spectra Analyze MISP Enrichment Module — Installation and Configuration](https://docs.reversinglabs.com//docs/Integrations/MISP/index.md): Complete integration guide for Spectra Analyze MISP enrichment module including installation, configuration, IOC enrichment, and mapping DSL for fi... - [Copilot for Security Spectra Analyze Plugin - User Guide](https://docs.reversinglabs.com//docs/Integrations/Microsoft/MicrosoftCopilotForSecurity/c4s-spectra-analyze-plugin-guide.md): This article describes how to setup and use the Spectra Analyze plugin for Microsoft Copilot for Security - [Copilot for Security Spectra Intelligence Plugin - User Guide](https://docs.reversinglabs.com//docs/Integrations/Microsoft/MicrosoftCopilotForSecurity/c4s-spectra-intelligence-plugin-install.md): This article describes how to setup and use the Spectra Intelligence plugin for Microsoft Copilot for Security - [Changelog](https://docs.reversinglabs.com//docs/Integrations/Microsoft/MicrosoftSentinel/RLContentPack/changelog.md): View the version history of the ReversingLabs Content Pack for Microsoft Sentinel - [Installation](https://docs.reversinglabs.com//docs/Integrations/Microsoft/MicrosoftSentinel/RLContentPack/install.md): This article describes how to install the ReversingLabs Content Pack for Microsoft Sentinel - [Changelog](https://docs.reversinglabs.com//docs/Integrations/Microsoft/MicrosoftSentinel/SpectraDetectSolution/changelog.md): View the changelog for the ReversingLabs Spectra Detect Solution for Microsoft Sentinel - [Getting started](https://docs.reversinglabs.com//docs/Integrations/Microsoft/MicrosoftSentinel/SpectraDetectSolution/install.md): This article describes how to install the ReversingLabs Spectra Detect Solution for Microsoft Sentinel - [Enrichment API Offer Usage Guide — Microsoft Sentinel](https://docs.reversinglabs.com//docs/Integrations/Microsoft/MicrosoftSentinel/enrichment-api-offer.md): Setup and configuration guide for ReversingLabs Enrichment API offer in Azure Marketplace for Microsoft Sentinel including subscription activation ... - [Logic App Connectors — Microsoft Sentinel](https://docs.reversinglabs.com//docs/Integrations/Microsoft/MicrosoftSentinel/logicapp-connectors.md): Setup and configuration guide for ReversingLabs Logic App connectors in Microsoft Sentinel including Spectra Intelligence and Spectra Analyze workf... - [Microsoft Sentinel Ransomware TAXII Feed Activation](https://docs.reversinglabs.com//docs/Integrations/Microsoft/MicrosoftSentinel/ransomware-feed-activation.md): This article describes how to setup and configure the ReversingLabs Early Detection of Ransomware threat intelligence feed for Microsoft Sentinel. - [Set Up ReversingLabs Connectors for OpenCTI — Installation Guide](https://docs.reversinglabs.com//docs/Integrations/OpenCTI/connector-installation.md): Installation and configuration guide for ReversingLabs OpenCTI connectors including Malware Presence, Spectra Analyze, and Spectra Intelligence Sub... - [ReversingLabs Connectors for OpenCTI — Configuration and Usage Guide](https://docs.reversinglabs.com//docs/Integrations/OpenCTI/connector-usage.md): Configuration and usage guide for ReversingLabs OpenCTI connectors including file submission, enrichment workflows, and threat intelligence integra... - [OpenCTI Ransomware TAXII Feed Activation](https://docs.reversinglabs.com//docs/Integrations/OpenCTI/feed-configuration.md): This article describes how to set up and configure OpenCTI to ingest indicators from ReversingLabs TAXII feeds. - [ReversingLabs A1000 Content Pack Setup](https://docs.reversinglabs.com//docs/Integrations/Palo Alto/Cortex XSOAR/xsoar-rl-a1000-contentpack.md): This article describes how to setup and configure the ReversingLabs A1000 Content pack for Palo Alto Cortex XSOAR. - [ReversingLabs TitaniumCloud Content Pack Setup](https://docs.reversinglabs.com//docs/Integrations/Palo Alto/Cortex XSOAR/xsoar-rl-titaniumcloud-contentpack.md): This article describes how to setup and configure the ReversingLabs TitaniumCloud Content pack for Palo Alto Cortex XSOAR. - [Ingesting Spectra Detect Logs into QRadar — Syslog and JSON Setup](https://docs.reversinglabs.com//docs/Integrations/QRadar/user-guide.md): Setup guide for ingesting Spectra Detect logs into IBM QRadar SIEM using syslog and JSON including log source configuration, custom mapping, and ru... - [ReversingLabs Amplify — Embeddable Threat Intelligence Widget](https://docs.reversinglabs.com//docs/Integrations/ReversingLabs Amplify/overview.md): Embeddable widget for integrating ReversingLabs Spectra Intelligence into web applications to analyze file hashes, URLs, domains, and IP addresses ... - [Integrating AWS S3 with Lambda for Spectra Detect](https://docs.reversinglabs.com//docs/Integrations/SpectraDetectAWS/user-guide.md): This article describes how to set up and configure the AWS S3 and Lambda to submit and analyze samples from ReversingLabs Spectra Detect service - [ReversingLabs Search Extension for Splunk Enterprise — Installation and Usage](https://docs.reversinglabs.com//docs/Integrations/Splunk/Splunk Enterprise/rl-search-extension-splunk-enterprise.md): Installation and usage guide for ReversingLabs Search Extension for Splunk Enterprise including custom search commands for file reputation lookups ... - [Automating Email Triage in Splunk SOAR](https://docs.reversinglabs.com//docs/Integrations/Splunk/Splunk SOAR/automating-email-triage.md): This article describes tips and tricks for automating email alert triage in Splunk SOAR. - [Automating File Artifact Enrichment in Splunk SOAR](https://docs.reversinglabs.com//docs/Integrations/Splunk/Splunk SOAR/enriching-file-artifacts.md): Build automated file enrichment playbooks in Splunk SOAR using ReversingLabs TitaniumCloud for reputation lookups, file detonation, and dynamic ana... - [Getting Started](https://docs.reversinglabs.com//docs/Integrations/Splunk/Splunk SOAR/getting-started.md): This document provides a quick reference for using ReversingLabs apps for Splunk SOAR - [Spectra Analyze App for Splunk SOAR Installation Guide](https://docs.reversinglabs.com//docs/Integrations/Splunk/Splunk SOAR/spectra-analyze-install-guide.md): This article describes how to setup and configure the ReversingLabs Spectra Analyze App for Splunk SOAR. - [Spectra Intelligence App for Splunk SOAR Installation Guide](https://docs.reversinglabs.com//docs/Integrations/Splunk/Splunk SOAR/spectra-intelligence-install-guide.md): This article describes how to setup and configure the ReversingLabs Spectra Intelligence App for Splunk SOAR. - [ReversingLabs Integrations — SIEM, SOAR, and Security Platforms](https://docs.reversinglabs.com//docs/Integrations/index.md): Integration guides for connecting ReversingLabs products with SIEM tools, SOAR platforms, threat intelligence systems, and security orchestration s... - [Advanced Search API — Query Samples on Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/advanced-search-api.md): Search samples on Spectra Analyze and Spectra Intelligence using field queries, pagination, and sorting. POST /api/samples/v3/search/ endpoint refe... - [Classification Status API — Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/classification-status-api.md): Retrieve threat classification, risk score, and detection status for samples in Spectra Analyze, with optional Spectra Intelligence fallback for un... - [Containers API — Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/containers.md): Retrieve top-level container files from which requested samples were extracted during Spectra Analyze static analysis, supporting bulk hash lookups. - [Delete API — Remove Samples from Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/delete-api.md): Delete samples and analysis data from Spectra Analyze. DELETE /api/samples/{hash}/ removes files, metadata, and extracted children. - [Deprecated Endpoints — Spectra Analyze API](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/deprecated-api.md): Spectra Analyze deprecated API endpoints including Advanced Search V2 and Classification V1, with migration guidance for current endpoint versions. - [Download API — Download Samples from Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/download-api.md): Download analyzed samples from Spectra Analyze to local storage. GET /api/samples/{hash}/download/ returns password-protected ZIP files. - [Dynamic Analysis Report API — Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/dynamic-analysis-api.md): Generate and download PDF or HTML reports for samples analyzed in ReversingLabs Cloud Sandbox via Spectra Analyze API. - [Extracted Files API — Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/extracted-files-api.md): List and download files extracted by Spectra Core from analyzed samples on Spectra Analyze. - [Full Report API — Retrieve Complete Analysis Reports](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/full-report-api.md): Get complete analysis reports for samples on Spectra Analyze. POST /api/samples/v2/list/details/ returns static, dynamic, and cloud results. - [Spectra Analyze API Documentation — REST Endpoints & Authentication](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/index.md): Integrate Spectra Analyze with automated workflows using REST APIs. Covers authentication tokens, file submissions, search, reports, and YARA manag... - [Licensing API — Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/licensing.md): Generate machine IDs, upload license files, and check license status on Spectra Analyze appliances using the Licensing API endpoints. - [Network Threat Intelligence API — Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/network-threat-intelligence.md): Query reputation data and threat analysis for URLs, domains, and IP addresses using Spectra Analyze Network Threat Intelligence API. - [PDF Report API — Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/pdf-report-api.md): Create, check status, and download PDF analysis reports for samples on Spectra Analyze via three-step API workflow. - [Processing Status API — Monitor File Analysis Progress](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/processing.md): Check analysis status for submitted files on Spectra Analyze. POST /api/samples/status/ returns processed or not_found status for hash queries. - [Reanalyze Local Samples API V2 — Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/reanalyze-api-v2.md): Reanalyze multiple samples on Spectra Analyze with independently selectable services including Spectra Core, Cloud Sandbox, Cuckoo, Joe, and VMRay. - [Reanalyze Local Samples API V1 — Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/reanalyze-api.md): Reanalyze existing samples on Spectra Analyze with Spectra Core, Spectra Intelligence, or dynamic analysis services using V1 endpoints. - [Redundant Status API — Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/redundant.md): Check whether a Spectra Analyze instance is the primary node in a redundant cluster using the cluster_primary endpoint. - [Report Summary API — Get Analysis Report Summaries](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/report-summary-api.md): Retrieve analysis report summaries for samples on Spectra Analyze. POST /api/samples/v2/list/ returns classification, risk, and metadata. - [Set Classification API — Override Sample Verdicts](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/set-classification-api.md): Override sample classifications on Spectra Analyze or Spectra Intelligence. POST /api/samples/{hash}/setclassification/ for local or cloud overrides. - [Static Analysis Report API — Get Spectra Core Results](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/static-analysis-report-api.md): Retrieve Spectra Core static analysis reports for samples on Spectra Analyze. GET /api/v2/samples/{hash}/ticore/ endpoint with field selection. - [Submissions API — Upload Files & URLs to Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/submissions.md): Submit files and URLs to Spectra Analyze via REST API. POST /api/submit/file/ and /api/submit/url/ endpoints with tags, metadata, and analysis opti... - [Tags API — Manage User Tags for Samples](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/tags-api.md): Add, remove, and list user tags for samples on Spectra Analyze. GET/POST/DELETE /api/samples/{hash}/usertags/ for custom sample organization. - [Timezone API — Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/timezone-api.md): Set and query system timezone on Spectra Analyze appliances to control date and time display preferences via API. - [Obtain API Authentication Tokens for Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/tokens.md): Generate API tokens for Spectra Analyze REST API authentication. Covers token creation via Authentication API and Administration panel. - [YARA API — Manage YARA Rulesets on Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/yara-api.md): Manage YARA rulesets on Spectra Analyze: list, create, update, and delete rulesets. GET/POST/DELETE /api/yara/v2/rulesets/ endpoints. - [YARA Repository Management API — Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/yara-repository-management-api.md): Manage YARA repositories on Spectra Analyze: create, update, delete repositories, schedule sync jobs, and publish rulesets via API. - [YARA Retro API — Spectra Analyze](https://docs.reversinglabs.com//docs/SpectraAnalyze/API Documentation/yara-retro-api.md): Start, stop, and monitor YARA retroactive hunts on Spectra Analyze for local and cloud retro scans via API endpoints. - [Appendix: Technical Reference — Spectra Analyze Administration](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/configuration-update/appendix-tech-reference.md): Spectra Analyze technical reference covering SNMP trap thresholds, MIB definitions, and configuration parameters for appliance monitoring and alert... - [Backup & Purge — Spectra Analyze Administration](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/configuration-update/backup-purge.md): Spectra Analyze Backup & Purge automates database backups and scheduled sample removal to manage appliance storage and enforce data retention polic... - [Certificates — Spectra Analyze Administration](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/configuration-update/certificates.md): Manage Root CA certificates in Spectra Analyze to control trusted certificate authorities and enable secure connections with integrated services. - [Configuration](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/configuration-update/configuration.md): System configuration settings and options for the Spectra Analyze appliance. - [Factory Reset](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/configuration-update/factory-reset.md): Perform factory reset operations and Solr index reset for troubleshooting. - [Licensing](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/configuration-update/licensing.md): Manage appliance licensing and license configuration. - [Redundancy System](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/configuration-update/redundancy-system.md): Configure and manage redundancy system settings for high availability. - [System Update](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/configuration-update/system-update.md): Manage system updates and software upgrades for the appliance. - [Connectors](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/integrations-connectors/connectors.md): Spectra Analyze connectors configuration for external system integration with SIEM and orchestration platforms. - [Flexible Intel Feed](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/integrations-connectors/flexible-intel-feed.md): Spectra Analyze Flexible Intel Feed configuration for STIX/TAXII threat intelligence integration with Spectra Intelligence. - [Integrations](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/integrations-connectors/integrations.md): Spectra Analyze service integrations configuration for dynamic analysis sandboxes, threat feeds, and analysis enhancement. - [YARA Repositories](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/integrations-connectors/yara-repositories.md): Spectra Analyze YARA repositories management for rule synchronization, online sources, and custom GitHub configuration. - [Quota Usage Alerts](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/usage-alerts/quota-usage-alerts.md): Spectra Analyze quota usage alerts configuration for email notifications on Spectra Intelligence usage and threshold monitoring. - [System Status](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/usage-alerts/system-status.md): Spectra Analyze System Status monitoring for appliance health, service status, resource utilization, and system log retrieval. - [Layouts Editor](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/users-personalization/layouts-editor.md): Spectra Analyze Layouts Editor for customizing sample summary displays with data blocks, sharing, and personalization options. - [Tokens](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/users-personalization/tokens.md): Spectra Analyze authentication token management for API access control and per-user key configuration and administration. - [User Roles](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/users-personalization/user-roles.md): Spectra Analyze role-based access control for creating, editing, and managing custom user roles and permission assignments. - [Users](https://docs.reversinglabs.com//docs/SpectraAnalyze/Administration/users-personalization/users.md): Spectra Analyze user management for creating accounts, configuring access, and managing user directory and authentication settings. - [Open source packages and licenses](https://docs.reversinglabs.com//docs/SpectraAnalyze/Appendix/OSS.md): Spectra Analyze open source software licenses and third-party package attributions for compliance and transparency. - [Risk Tolerance [PREVIEW]](https://docs.reversinglabs.com//docs/SpectraAnalyze/Appendix/risktolerance.md): Spectra Analyze Risk Tolerance feature extends sample classification with additional analysis services for customized threat assessment. - [Self-Service Registration](https://docs.reversinglabs.com//docs/SpectraAnalyze/Appendix/self-service-registration.md): Spectra Analyze self-service registration setup with identity providers like Okta using SAML and OIDC integration. - [Discussion](https://docs.reversinglabs.com//docs/SpectraAnalyze/Sample Details/discussion.md): The Discussion page displays the comments that have been added to a sample, either by the user who uploaded it or by other users. - [Dynamic Analysis Results](https://docs.reversinglabs.com//docs/SpectraAnalyze/Sample Details/dynamic-analysis-results.md): The Sample Details page shows any dynamic analysis service reports, if dynamic analysis services are configured on the appliance. - [Extracted Files](https://docs.reversinglabs.com//docs/SpectraAnalyze/Sample Details/extracted-files.md): A page that allows browsing through the entire hierarchy of files extracted from a sample. - [File Preview / Visualization](https://docs.reversinglabs.com//docs/SpectraAnalyze/Sample Details/file-preview.md): The file preview window can be used to preview image samples, text documents and some script languages. It also provides Entropy and Structure tabs... - [Sample Details Page](https://docs.reversinglabs.com//docs/SpectraAnalyze/Sample Details/index.md): The Sample Details page presents all the available information about a sample. - [Network Threat Intelligence Page](https://docs.reversinglabs.com//docs/SpectraAnalyze/Sample Details/network-threat-intelligence.md): Spectra Analyze Network Threat Intelligence reveals URL, IP, and domain reputation with threat analysis, DOM inspection, and historical threat inte... - [Sample Details Summary](https://docs.reversinglabs.com//docs/SpectraAnalyze/Sample Details/sample-details-summary.md): The Report Summary page highlights the most interesting information about an analyzed sample. - [Sources](https://docs.reversinglabs.com//docs/SpectraAnalyze/Sample Details/sources.md): The Sources page displays different types of sources for the selected sample, their time and date of retrieval, as well as any additional information. - [Spectra Core - Static Analysis Results](https://docs.reversinglabs.com//docs/SpectraAnalyze/Sample Details/spectra-core.md): Spectra Analyze Spectra Core results display static analysis reports with file information, behavior indicators, and risk assessment organized by s... - [Threat Classification Sources](https://docs.reversinglabs.com//docs/SpectraAnalyze/Sample Details/threat-classification-sources.md): Threats can be classified by Spectra Core, Spectra Intelligence, dynamic analysis, or manually overridden. This page also contains a list of all po... - [Threat Intelligence (Spectra Intelligence)](https://docs.reversinglabs.com//docs/SpectraAnalyze/Sample Details/threat-intelligence.md): Spectra Analyze Threat Intelligence displays Spectra Intelligence cloud data including AV detections, threat history, and malware reputation over t... - [Advanced Search](https://docs.reversinglabs.com//docs/SpectraAnalyze/advanced-search.md): Spectra Analyze Advanced Search delivers metadata search with 100+ keywords, Boolean operators, and cross-cloud discovery for malware identification. - [Spectra Analyze Alerts — Subscriptions, Delivery Methods & Notifications](https://docs.reversinglabs.com//docs/SpectraAnalyze/alerts.md): Set up Spectra Analyze alert subscriptions to receive real-time email or in-app notifications when malware classification or analysis results change. - [Spectra Analyze Dashboard — Submission Stats, Trends & PDF Reports](https://docs.reversinglabs.com//docs/SpectraAnalyze/dashboard.md): View Spectra Analyze submission statistics, malware classification trends, YARA match counts, and threat analytics across configurable time ranges.... - [Analysis services](https://docs.reversinglabs.com//docs/SpectraAnalyze/dynamic-analysis.md): Spectra Analyze Analysis services integrate dynamic and static analysis with ReversingLabs Cloud Sandbox, Cuckoo, Joe Sandbox, and third-party sand... - [File and URL Submissions](https://docs.reversinglabs.com//docs/SpectraAnalyze/file-submissions.md): Spectra Analyze File and URL Submissions enable manual and automated analysis with sandbox integration, extraction, and multi-service threat detect... - [Graph — Spectra Analyze [PREVIEW]](https://docs.reversinglabs.com//docs/SpectraAnalyze/graph.md): Spectra Analyze Graph visualizes relationships between malware samples, files, domains, and IPs for interactive threat exploration, node navigation... - [Setup and initial configuration](https://docs.reversinglabs.com//docs/SpectraAnalyze/initial-configuration.md): Spectra Analyze initial setup and configuration guide covering system requirements, deployment, licensing, and first-time appliance configuration. - [Search & Submissions Page](https://docs.reversinglabs.com//docs/SpectraAnalyze/search-page.md): Spectra Analyze Search & Submissions provides local and cloud file queries, bulk operations, filtered results, and network resource analysis tools. - [Spectra Analyze Tags — System Tags, User Tags & Advanced Search](https://docs.reversinglabs.com//docs/SpectraAnalyze/tags.md): Use Spectra Analyze system and user tags to categorize malware samples, then search by tag and tag-user keywords in Advanced Search for filtered re... - [Spectra Analyze Troubleshooting — Upload Failures, API Errors & Licensing](https://docs.reversinglabs.com//docs/SpectraAnalyze/troubleshooting.md): Resolve common Spectra Analyze issues: file upload failures, HTTP 413 errors, classification problems, license warnings, disk space alerts, and API... - [YARA Retroactive Hunting](https://docs.reversinglabs.com//docs/SpectraAnalyze/yara-retro.md): Spectra Analyze YARA Retroactive Hunting scans historical samples and cloud data for rule matches, uncovering previously hidden malware detections. - [YARA Hunting](https://docs.reversinglabs.com//docs/SpectraAnalyze/yara.md): Spectra Analyze YARA Hunting enables custom ruleset creation, cloud synchronization, and malware detection with continuous and retroactive scanning. - [SpectraDetect Management API — SDM Authorization, Backup, and Appliance Setup](https://docs.reversinglabs.com//docs/SpectraDetect/API/ManagementAPI.md): Use the Spectra Detect Manager API to obtain auth tokens via POST /api/v1/auth/token/, back up and restore, connect appliances, configure connector... - [SpectraDetect Prometheus Metrics API — GET /metrics and honor_labels Setup](https://docs.reversinglabs.com//docs/SpectraDetect/API/MetricsAPI.md): Scrape Spectra Detect appliance health and performance metrics via GET /metrics with Prometheus, using honor_labels: true to preserve job labels an... - [SpectraDetect Worker Service API — System Status and Processing Queue](https://docs.reversinglabs.com//docs/SpectraDetect/API/ServiceAPI.md): Check Spectra Detect Worker system status and retrieve processing statistics using the Service API at GET /srv/tiscale/v1/sysinfo with token-based ... - [SpectraDetect Usage API — File Submission, Task Status, and Report Retrieval](https://docs.reversinglabs.com//docs/SpectraDetect/API/UsageAPI.md): Submit files to Spectra Detect Worker via POST /srv/tiscale/v1/task, check task status with GET /srv/tiscale/v1/task, and retrieve analysis reports. - [SpectraDetect API — Manager, Service, Metrics, and Usage Endpoints](https://docs.reversinglabs.com//docs/SpectraDetect/API/index.md): Access Spectra Detect REST APIs for Manager administration, Service operations, Metrics monitoring, and Usage reporting across Workers, Hubs, and SDM. - [SpectraDetect Authentication — LDAP, OAuth 2.0, OpenID Connect, and SAML](https://docs.reversinglabs.com//docs/SpectraDetect/Admin/Authentication.md): Configure Spectra Detect Manager authentication: set session duration, enable LDAP, OAuth 2.0/OpenID Connect, or SAML SSO for secure user access. - [SpectraDetect Email Alerting — Quota Notifications and Alert Thresholds](https://docs.reversinglabs.com//docs/SpectraDetect/Admin/EmailAlerting.md): Configure Spectra Detect email alerts for Spectra Intelligence quota warnings: enable alerting, manage recipients, and set threshold levels. - [SpectraDetect Manager Settings — Network, SSL, and System Configuration](https://docs.reversinglabs.com//docs/SpectraDetect/Admin/ManagerSettings.md): Configure Spectra Detect Manager global settings: network configuration, SSL certificates, system preferences, licensing, and installation-specific... - [Updating Spectra Detect — .bin Upload, Spectra Intelligence, and Air-Gapped Upgrades](https://docs.reversinglabs.com//docs/SpectraDetect/Admin/Updating.md): Update Spectra Detect Manager and Worker appliances by uploading .bin files manually or downloading from Spectra Intelligence, including air-gapped... - [SpectraDetect Administration — Manager Settings, Users, and Licensing](https://docs.reversinglabs.com//docs/SpectraDetect/Admin/index.md): Administer Spectra Detect Manager: configure authentication, manage users and roles, set up email alerts, apply updates, and monitor licensing. - [SpectraDetect Open Source Licenses — Worker, Hub, and Manager RPM/NPM Packages](https://docs.reversinglabs.com//docs/SpectraDetect/Appendix/OSS.md): View all open source RPM and NPM package licenses used in Spectra Detect Worker, Hub, and Manager appliances, including third-party software attrib... - [SpectraDetect Appendix — Reference Materials and Open Source Licenses](https://docs.reversinglabs.com//docs/SpectraDetect/Appendix/index.md): Find Spectra Detect supplementary reference materials, including open source RPM and NPM package licenses for Worker, Hub, and Manager appliances. - [SpectraDetect Analysis Input — Connector Configuration for Email and S3](https://docs.reversinglabs.com//docs/SpectraDetect/Config/AnalysisInput.md): Configure Spectra Detect Connectors to automatically ingest files from IMAP/Exchange, S3 buckets, and other sources, with pause, disable, and reten... - [SpectraDetect Appliance Configuration — Central Configuration and Hub Groups](https://docs.reversinglabs.com//docs/SpectraDetect/Config/ApplianceConfiguration.md): Use Spectra Detect Central Configuration to remotely manage appliance settings, create Hub groups, configure egress integrations, and apply changes... - [SpectraDetect Certificate Management — Root CA Trust Store](https://docs.reversinglabs.com//docs/SpectraDetect/Config/CertificateManagement.md): Add, trust, and distrust Root CA certificates in SpectraDetect's trust store to control TLS validation for Manager, Hub, Worker, and Spectra Analyz... - [Spectra Detect Filter Management — Advanced Egress Filtering Rules](https://docs.reversinglabs.com//docs/SpectraDetect/Config/FilterManagement.md): Build advanced inclusive or exclusive egress filters in Spectra Detect using file type, classification, YARA match, MITRE technique, and behavior c... - [Spectra Detect Notifications — Classification Alerts and Delivery Rules](https://docs.reversinglabs.com//docs/SpectraDetect/Config/Notifications.md): Manage Spectra Detect notifications for cloud classification changes: filter by period, read status, and classification, and deliver alerts via ema... - [Spectra Detect Redundancy — Manager Clustering and Failover](https://docs.reversinglabs.com//docs/SpectraDetect/Config/Redundancy.md): Configure Spectra Detect Manager redundancy with active-passive clustering, automatic failover, and load balancer integration for high availability... - [Spectra Detect YARA Sync — Ruleset Synchronization Across Appliances](https://docs.reversinglabs.com//docs/SpectraDetect/Config/YARASync.md): Track and trigger YARA ruleset sync across Spectra Detect Workers and Spectra Analyze appliances, with sync statuses: InSync, OutOfSync, PendingNew... - [Spectra Detect Configuration — Appliances, Integrations, YARA, and Settings](https://docs.reversinglabs.com//docs/SpectraDetect/Config/index.md): Configure Spectra Detect appliances, scan inputs, egress integrations, YARA sync, notifications, redundancy, and certificate management via SDM. - [SpectraDetect AWS EKS Config Reference — Secrets and ConfigMap Values](https://docs.reversinglabs.com//docs/SpectraDetect/Deployment/AWS-EKS-Deployment-Micro/config-reference.md): Reference all Spectra Detect EKS Secrets and ConfigMap keys for Worker pods: S3, Azure ADL, Splunk, Spectra Intelligence, authentication, and archi... - [SpectraDetect AWS EKS Microservices Deployment — Helm, KEDA, and RabbitMQ](https://docs.reversinglabs.com//docs/SpectraDetect/Deployment/AWS-EKS-Deployment-Micro/index.md): Deploy Spectra Detect on AWS EKS using Helm charts with KEDA autoscaling, Prometheus monitoring, RabbitMQ broker options, and ConfigMap-based Worke... - [SpectraDetect Central SDM — Federated Manager Monitoring and YARA Policy Sync](https://docs.reversinglabs.com//docs/SpectraDetect/Deployment/Central SDM/index.md): Deploy Central Spectra Detect Manager (CSDM) to aggregate dashboards and sync YARA policies across federated OVA and Kubernetes SDM instances via M... - [SpectraDetect Deployment — OVA, AMI, Kubernetes EKS, and Multi-Region](https://docs.reversinglabs.com//docs/SpectraDetect/Deployment/index.md): Deploy Spectra Detect as OVA, AMI, or Kubernetes container images on AWS EKS, with guides covering multi-region, Central SDM, and Helm-based micros... - [SpectraDetect Multi-Region Deployment — High Availability and Data Residency](https://docs.reversinglabs.com//docs/SpectraDetect/Deployment/multi-region-deployment.md): Deploy Spectra Detect across geographic regions using global load balancers, active/standby SDM and Hub pairs, and per-region Worker clusters for H... - [Spectra Detect File Analysis — Worker API, Reports, and Spectra Core Results](https://docs.reversinglabs.com//docs/SpectraDetect/Usage/Analysis.md): Submit files to Spectra Detect Worker API for Spectra Core analysis, retrieve reports via callback or polling, and customize output with field sele... - [Spectra Detect Dashboard — Manager UI, Navigation, and Status Indicators](https://docs.reversinglabs.com//docs/SpectraDetect/Usage/Dashboard.md): Navigate the Spectra Detect Manager dashboard: monitor quota usage, view appliance status, access detections overview, and manage notifications fro... - [Spectra Detect YARA Hunting — Custom Rules, Modules, and Worker Sync](https://docs.reversinglabs.com//docs/SpectraDetect/Usage/YARA.md): Create and deploy custom YARA rulesets on Spectra Detect Workers with supported modules (PE, ELF, Math, Hash), naming rules, and sync via Spectra D... - [Spectra Detect Usage — Analysis, Dashboards, and YARA Management](https://docs.reversinglabs.com//docs/SpectraDetect/Usage/index.md): Use Spectra Detect to analyze files, view detection dashboards, manage YARA rulesets, and monitor analysis results across Workers and Hubs. - [Spectra Detect Troubleshooting — Workers, Queues, YARA Sync, and Updates](https://docs.reversinglabs.com//docs/SpectraDetect/troubleshooting.md): Diagnose and fix Spectra Detect issues: Worker nodes not appearing in SDM, growing analysis queues, YARA sync failures, TLS certificate errors, and... - [Spectra Intelligence Automation API — Upload, Download & Monitor](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/Automation/index.md): Upload, download, delete, and monitor file samples in the Spectra Intelligence repository using tca-0201 through tca-0206 Automation APIs. - [File Download API (tca-0201) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/Automation/tca-0201.md): Download file samples from the Spectra Intelligence repository by MD5, SHA1, or SHA256 hash using tca-0201; supports multi-threaded downloads at up... - [File Upload API (tca-0202/tca-0203) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/Automation/tca-0202-0203.md): Upload file samples and metadata to Spectra Intelligence using tca-0202 and tca-0203; triggers automatic analysis pipeline and supports archive pas... - [Delete File API (tca-0204) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/Automation/tca-0204.md): Delete user-owned samples from the Spectra Intelligence repository using tca-0204; accepts single or bulk hash requests (MD5, SHA1, SHA256) of up t... - [Reanalyze File API (tca-0205) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/Automation/tca-0205.md): Trigger rescanning of file samples with updated AV signatures in Spectra Intelligence using tca-0205; supports single and bulk hash requests of up ... - [Reputation & Metadata Alerts API (tca-0206) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/Automation/tca-0206.md): Subscribe to up to 1 billion file and URL hashes in Spectra Intelligence via tca-0206 and receive Data Change Feed notifications when classificatio... - [Certificate Threat Intelligence API — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/CertThreatIntel/index.md): Spectra Intelligence Certificate Threat Intelligence APIs for investigating code signing certificates, finding signed samples, and detecting certif... - [Certificate Report API (TCA-0501) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/CertThreatIntel/tca-0501.md): Submit a certificate thumbprint to TCA-0501 and receive a list of signed samples with reputation data, metadata, classification, and download avail... - [Certificate-to-File Association API (TCA-0502) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/CertThreatIntel/tca-0502.md): Submit certificate thumbprints to TCA-0502 and receive analytics including sample counts by classification, blacklist status, trust factor, threat ... - [Certificate Analytics API (TCA-0503) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/CertThreatIntel/tca-0503.md): Submit a certificate common name or partial name to TCA-0503 and receive matching common names with their associated MD5, SHA1, and SHA256 thumbpri... - [Customer Administration & Usage API — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/CustomerUsage/index.md): Spectra Intelligence Customer Administration APIs for managing users, licenses, usage quotas, and automated email alerts on your account. - [Customer API Usage API (TCA-9999) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/CustomerUsage/tca-9999.md): Manage Spectra Intelligence accounts with TCA-9999: view and create users, monitor license and API usage limits, and configure automated email usag... - [Spectra Intelligence RL Cloud Sandbox API — Dynamic Analysis](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/DynamicAnalysis/index.md): Submit files and URLs for sandbox detonation and retrieve behavioral reports using Spectra Intelligence tca-0207 and tca-0106 RL Cloud Sandbox APIs. - [Dynamic Analysis Results API (TCA-0106) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/DynamicAnalysis/tca-0106.md): Retrieve dynamic analysis reports from TCA-0106 for files and URLs detonated in the ReversingLabs sandbox, including behavior, network traffic, and... - [Dynamic Analysis Submission API (tca-0207) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/DynamicAnalysis/tca-0207.md): Submit files or URLs to Spectra Intelligence tca-0207 for sandbox detonation on Win11, Win10, Win7, macOS, Linux, or Android; retrieve results via ... - [Spectra Intelligence File Threat Intelligence API Overview](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/FileThreatIntel/index.md): Query file reputation, retrieve multi-AV scan results, and get detailed malware analysis reports by hash using Spectra Intelligence tca-0101 throug... - [File Reputation API (tca-0101) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/FileThreatIntel/tca-0101.md): Query malware status, threat level, trust factor, and malware family for MD5, SHA1, or SHA256 hashes using the Spectra Intelligence tca-0101 File R... - [File Reputation Override API (tca-0102) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/FileThreatIntel/tca-0102.md): Override file classifications to malicious, suspicious, or known using Spectra Intelligence tca-0102; manage false positives and list org-wide over... - [Historic Multi-AV Scan Records API (tca-0103) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/FileThreatIntel/tca-0103.md): Retrieve current and historical multi-AV scan records for file hashes using Spectra Intelligence tca-0103; supports single and bulk queries of up t... - [File Analysis API (tca-0104) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/FileThreatIntel/tca-0104.md): Retrieve comprehensive file analysis from Spectra Intelligence tca-0104: static analysis, dynamic behavior, AV scans, certificates, URLs, and IP/do... - [Goodware Analysis API (tca-0105) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/FileThreatIntel/tca-0105.md): Retrieve trust factor, hashes, relationships, size, and sources for known-good files only using Spectra Intelligence tca-0105; returns 404 for mali... - [Spectra Intelligence Malware Hunting API — YARA, Search & IoC](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/MalwareHunting/index.md): Hunt threats using Spectra Intelligence Malware Hunting APIs: YARA rules, advanced search, RHA1 similarity, IoC retrieval, and industry-specific ma... - [Functionally Similar Files API (tca-0301) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/MalwareHunting/tca-0301.md): Find functionally similar files using Spectra Intelligence tca-0301 and the RHA1 algorithm; query by SHA1 hash at 25% or 50% precision for PE, Mach... - [Imphash Similarity API (tca-0302) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/MalwareHunting/tca-0302.md): Find Windows PE files sharing the same import hash (imphash) using Spectra Intelligence tca-0302; returns SHA1 hashes paginated at up to 1000 recor... - [YARA Hunting API (tca-0303) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/MalwareHunting/tca-0303.md): Upload YARA rulesets to Spectra Intelligence tca-0303 to match text or binary patterns against newly ingested samples; supports PE, ELF, Dex, Macho... - [Vertical Feeds Statistics API (tca-0307–0311, tca-0317) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/MalwareHunting/tca-0307-0311_0317.md): Query weekly malware family statistics by industry category using Spectra Intelligence tca-0307 to tca-0311 and tca-0317 — APT, Financial, Ransomwa... - [Vertical Feeds Search API (tca-0312–0316, tca-0318) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/MalwareHunting/tca-0312-0316_0318.md): Search industry-specific malware feeds in Spectra Intelligence by family name using tca-0312 to tca-0316 and tca-0318; covers APT, Financial, Ranso... - [YARA Retro Hunting API (tca-0319) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/MalwareHunting/tca-0319.md): Run YARA rulesets retroactively against the last 90 days of Spectra Intelligence samples using tca-0319; manage retro hunts with retro-admin and fe... - [Expression Search API (TCA-0320) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/MalwareHunting/tca-0320.md): Submit advanced search queries to TCA-0320 to filter Spectra Intelligence samples by classification, threat level, malware family, file type, and n... - [File Bulk Analysis API (TCA-0321) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/MalwareHunting/tca-0321.md): Submit a SHA1 hash to TCA-0321 and receive real-time statistics on malicious, suspicious, and known files that are functionally similar at a select... - [Network Infrastructure API (TCA-0330) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/MalwareHunting/tca-0330.md): Query TCA-0330 for structured IoC data on samples and URLs with filtering by classification, threat level, malware family, platform, and vertical; ... - [Network Threat Intelligence API — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/NetworkThreatIntel/index.md): Spectra Intelligence Network Threat Intelligence APIs for investigating URLs, domains, and IP addresses, querying reputation data, and correlating ... - [Domain Report API (TCA-0401) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/NetworkThreatIntel/tca-0401.md): Submit a URI SHA1 or plain-text value to TCA-0401 and receive SHA1 hashes of files that referenced the URI (email, URL, IPv4, or domain) during sta... - [IP Report API (TCA-0402) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/NetworkThreatIntel/tca-0402.md): Submit a URI SHA1 to TCA-0402 and receive counts of known, malicious, and suspicious files associated with that URI (email, URL, IPv4, or domain) f... - [URL Report API (TCA-0403) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/NetworkThreatIntel/tca-0403.md): Submit a URL to TCA-0403 and receive a threat report including ReversingLabs classification, third-party reputation, analysis history, and associat... - [URL Submission API (TCA-0404) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/NetworkThreatIntel/tca-0404.md): Submit URLs to TCA-0404 for analysis including content download, screenshots, and dynamic analysis in Spectra Intelligence. - [Domain-to-IP Resolution API (TCA-0405) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/NetworkThreatIntel/tca-0405.md): Query TCA-0405 for domain reports with reputation, DNS records, certificates, related URLs, and subdomains from Spectra Intelligence. - [IP-to-Domain Resolution API (TCA-0406) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/NetworkThreatIntel/tca-0406.md): Query TCA-0406 for IP address reports with reputation, WHOIS, GeoIP, hosted files, and domain resolutions from Spectra Intelligence. - [URL-to-File Association API (TCA-0407) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/NetworkThreatIntel/tca-0407.md): Query TCA-0407 for reputation data on URLs, domains, and IP addresses with third-party detections from Spectra Intelligence. - [Related Domains API (TCA-0408) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/API/NetworkThreatIntel/tca-0408.md): Use TCA-0408 to override URL classifications within your organization and manage existing overrides in Spectra Intelligence. - [CVE and In-the-Wild Exploits Feed — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/CVE/index.md): Spectra Intelligence CVE feeds deliver daily exploit overviews, per-CVE file hashes, hourly and daily new exploit samples detected in the wild. - [CVE Report Feed (TCF-0201) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/CVE/tcf-0201.md): Consume TCF-0201 to get a daily overview of CVE identifiers detected in Spectra Intelligence for files exploiting known vulnerabilities collected i... - [CVE-to-Hash Feed (TCF-0202) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/CVE/tcf-0202.md): Consume TCF-0202 for per-day reports on CVE identifiers with associated file hashes, scan counts, SHA1/MD5/SHA256, and threat names from Spectra In... - [CVE Changelog Feed (TCF-0203) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/CVE/tcf-0203.md): Consume TCF-0203 for hourly lists of new file hashes containing CVE or exploit identifications detected in Spectra Intelligence; includes first-sca... - [CVE Exploit Feed (TCF-0204) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/CVE/tcf-0204.md): Consume TCF-0204 for daily lists of new file hashes containing CVE or exploit identifications detected in Spectra Intelligence; includes first-scan... - [Certificate Indicators Feed — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/CertIndicators/index.md): Spectra Intelligence Certificate Indicator feeds provide continuous streams of code signing certificates and their signed samples to detect imperso... - [Certificate Indicators Feed (TCF-0601) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/CertIndicators/tcf-0601.md): Consume TCF-0601 for a continuous stream of code signing certificates with signed sample hashes, classification filter support, and detection of im... - [File Indicators Feed — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/FileIndicators/index.md): Spectra Intelligence File Indicator feeds deliver continuous streams of newly detected malware, AV scan results, classification changes, and first-... - [Malicious Files Feed (TCF-0101) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/FileIndicators/tcf-0101.md): Consume TCF-0101 to receive a continuous stream of new samples with at least one AV scanner detection, including file hashes, file type, and target... - [File Indicators Feed (TCF-0102-0106) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/FileIndicators/tcf-0102-0106.md): Consume TCF-0102-0106 to get platform-filtered malware detections from Spectra Intelligence; separate feeds for Windows, Android, macOS, and other ... - [YARA Ruleset Feed (TCF-0107) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/FileIndicators/tcf-0107.md): Consume TCF-0107 to receive a continuous stream of file hashes scanned for the first time in Spectra Intelligence; records are retained for 365 days. - [File Download Feed (TCF-0108) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/FileIndicators/tcf-0108.md): Consume TCF-0108 to receive a continuous list of Spectra Intelligence samples that have been scanned for the first time or rescanned; records retai... - [Daily File Indicators Feed (TCF-0109) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/FileIndicators/tcf-0109-V3.md): Consume TCF-0109 to receive a continuous list of Spectra Intelligence samples showing detection changes between multi-AV scan reports; records reta... - [Sample Feed (TCF-0111) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/FileIndicators/tcf-0111.md): Consume TCF-0111 to receive new malicious samples, false positive reclassifications, and threat name changes from the Spectra Intelligence malware ... - [Industry Sector Indicators Feed — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/IndustryIndicators/index.md): Spectra Intelligence Industry Sector feeds deliver early-warning malware samples filtered by category: APT, Financial, Retail, Ransomware, CVE Expl... - [Industry Sector Indicators Feed (TCF-0401-0406) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/IndustryIndicators/tcf-0401-0406.md): Consume TCF-0401-0406 for early-warning malware samples from Spectra Intelligence filtered by industry category: Financial, Retail, Ransomware, Exp... - [Network Indicators Feed — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/NetworkIndicators/index.md): Spectra Intelligence Network Indicator feeds provide continuous streams of malicious URLs detected in the system, with associated file metadata and... - [Network Indicators Feed (TCF-0301) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/NetworkIndicators/tcf-0301.md): Consume TCF-0301 for a continuous stream of malicious URLs identified by Spectra Intelligence, including associated file SHA1/SHA256 hashes and thr... - [Supply Chain Security Feed — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/SupplyChainSecurity/index.md): Spectra Intelligence Supply Chain Security feeds track malicious Open Source Software packages and reclassification events with near-real-time thre... - [Supply Chain Security Feed (TCF-0701) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/SupplyChainSecurity/tcf-0701.md): Consume TCF-0701 for malicious Open Source Software packages and reclassification events from Spectra Intelligence, with full historical data and a... - [TAXII Feeds — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/TAXII/index.md): Spectra Intelligence TAXII feeds deliver curated threat intelligence in STIX 2.1 format via TAXII 2.1, enabling integration with platforms like Ope... - [TAXII Feed Setup (TCTF-0001-0002) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/TAXII/tctf-0001-0002.md): Consume TCTF-0001/0002 for curated ransomware IOCs via TAXII 2.1 in STIX format, including ransomware files, C2 infrastructure, and payload downloa... - [TAXII Feed Subscription (TCTF-0003) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/TAXII/tctf-0003.md): Query the Spectra Intelligence Flexible Intel Feed (TCTF-0003) via TAXII 2.1 to receive private STIX 2.1 IOCs scoped to your account's submissions,... - [Trusted Certificates Feed — Whitelist File Indicators — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/WhitelistIndicators/index.md): Spectra Intelligence Whitelist File Indicator feeds deliver continuous streams of newly whitelisted known-good files and track changes from known t... - [Trusted Certificates Feed (TCF-0501) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/WhitelistIndicators/tcf-0501.md): Consume TCF-0501 for a continuous stream of newly whitelisted known-good files from Spectra Intelligence; requires trusted source and at least two ... - [Revoked Certificates Feed (TCF-0502) — Spectra Intelligence](https://docs.reversinglabs.com//docs/SpectraIntelligence/Feed/WhitelistIndicators/tcf-0502.md): Consume TCF-0502 for a continuous list of Spectra Intelligence samples whose whitelist status changed from KNOWN to MALICIOUS or SUSPICIOUS, with M... - [Spectra Intelligence Browser Extension for Chrome — ReversingLabs](https://docs.reversinglabs.com//docs/SpectraIntelligence/browser-extension.md): Install and use the ReversingLabs Chrome extension to query Spectra Intelligence for file hashes, URLs, domains, and IPs directly from any webpage. - [Spectra Intelligence Troubleshooting — Fix 401, 429 & Feed Errors](https://docs.reversinglabs.com//docs/SpectraIntelligence/troubleshooting.md): Resolve Spectra Intelligence API errors: fix 401 Unauthorized, 429 rate limit exceeded, feed timeout issues, and unexpected file classification res... - [T1000 R1](https://docs.reversinglabs.com//docs/T1000/R1/index.md): T1000 R1 threat intelligence appliance documentation covering deployment, configuration and management features. - [File reputation (TCA-0101)](https://docs.reversinglabs.com//docs/T1000/R1/tca-0101.md): The File Reputation (Malware Presence) service provides information about the malware status of requested samples. - [T1000 XG](https://docs.reversinglabs.com//docs/T1000/XG/index.md): T1000 XG threat intelligence appliance documentation covering deployment, configuration and management features. - [File reputation (TCA-0101)](https://docs.reversinglabs.com//docs/T1000/XG/tca-0101.md): The File Reputation (Malware Presence) service provides information about the malware status of requested samples. - [Historic multi-AV scan records (TCA-0103)](https://docs.reversinglabs.com//docs/T1000/XG/tca-0103.md): The Historic Multi-AV Scan Records service provides multi-AV scan reports for a given sample. - [File analysis (TCA-0104)](https://docs.reversinglabs.com//docs/T1000/XG/tca-0104.md): The File Analysis service provides analysis data on requested hashes. - [Cyber Forensic Service (XG CFS)](https://docs.reversinglabs.com//docs/T1000/XG/xg-cfs.md): XG CFS provides all available cyber forensic Spectra Intelligence XG metadata for the requested sample(s) on the T1000 XG appliance. - [Configuration](https://docs.reversinglabs.com//docs/T1000/configuration.md): T1000 appliance configuration including web management interface, authorization and Spectra Intelligence integration. - [Deployment](https://docs.reversinglabs.com//docs/T1000/deployment.md): T1000 virtual appliance deployment including OVA/AMI setup and hardware requirements for R1, XG and AV models. - [Management](https://docs.reversinglabs.com//docs/T1000/management.md): Configure and manage the T1000 appliance including network settings, DNS, NTP, and system administration through the VM console interface.