Get threats
Get information for a specific threat in a tenant.
Service endpoint | /threats/v2/{{sha256}} |
Optional query string parameters | — |
Example | https://protectapi.cylance.com/threats/v2/D4C46F87A745C3DFA9E7401507FA14E544CF9310E3860F922FE97C2DDB3F12A1 |
Method | HTTP/1.1 GET |
Request headers |
|
Request
None
Response
Please see the Response status codes for more information.
Response JSON schema
Field Name | Description |
|---|---|
avIndustry | This is the threat data from the AV industry. |
certIssuer | This is the certificate issuer. |
certPublisher | This is the certificate publisher. |
certTimestamp | This is the date and time when the certificate was created. |
classification | This is the classification of the threat (For example, PUP indicates a potentially unwanted program). |
dateDetected | This is the date and time the threat was detected on the device. |
dateFirstDetected | This is the date and time when the threat was first detected. |
detectedBy | This is the product features that detected the threat. |
deviceId | This is the unique ID for the device. |
deviceName | This is the name of the device. |
fileSize | This is the size of the file, in bytes (for example, 1000 is 1KB). |
globalQuarantined | — |
md5 | This is the MD5 hash information for the threat. |
mostRecentDetection | This is the date and time of the most recent detection of the threat. |
name | This is the name of the threat. |
safelisted | — |
sha256 | This is the SHA256 hash information for the file. |
signed | — |
subClassification | — |
threatHistory | — |
uniqueToCylance | — |