What can you do with Secure Malware Analytics APIs?
Sample Analysis
  • Submit Files for analysis
  • Parse results for indicators
  • Take action in the environment
Context and Enrichment
  • Associate indicators with a malware family
  • Link a payload delivery to a Word Doc
  • Correlate host and network indicators
Threat Hunting
  • Find naming patterns in files or domains
  • Map out infrastructure used in a campaign
  • Collect command line arguments used by malware

Get started with the Learning Labs

Introduction to Cisco Threat Grid Platform
Introduction to Cisco Threat Grid Platform
The purpose of this learning lab is to understand the basics of the Cisco Threat Grid platform.
Introduction to the Threat Grid API
Introduction to the Threat Grid API
The purpose of this learning lab is to understand the basics of the Cisco Threat Grid API and how to easily operationalize the threat intelligence it makes available.
Find sample code and scripts
Python
Threat Grid Basics
byCisco
Scripts that cover the basics of interacting with the Threat Grid API
Python
Working with Tags
byCisco
Scripts to leverage tagging capabilities of Threat Grid
Python
Bulk Submit
byCisco
Easily submit files in bulk to Threat Grid via the API
Python
Sample Collection
byCisco
Example of continuously collecting Sample ID's for and organizations submitted samples
Python
Rate Limit Check
byCisco
Check the user and organization API rate limits for a given API Key
Python
Indicator to IPs and Domains
byCisco
Query for one or more indicators and get a list of public IPs and domains
View more sample code