Skip Navigation

Get threats

Get information for a specific threat in a tenant.
Service endpoint
/threats/v2/{{sha256}}
Optional query string parameters
Example
https://protectapi.cylance.com/threats/v2/D4C46F87A745C3DFA9E7401507FA14E544CF9310E3860F922FE97C2DDB3F12A1
Method
HTTP/1.1 GET
Request headers
  • Accept: application/json
  • Authorization: Bearer
    JWT Token returned by Auth API
    with the device:list scope encoded

Request

None

Response

Please see the Response status codes for more information.

Response JSON schema

Field Name
Description
avIndustry
This is the threat data from the AV industry.
certIssuer
This is the certificate issuer.
certPublisher
This is the certificate publisher.
certTimestamp
This is the date and time when the certificate was created.
classification
This is the classification of the threat (For example, PUP indicates a potentially unwanted program).
dateDetected
This is the date and time the threat was detected on the device.
dateFirstDetected
This is the date and time when the threat was first detected.
detectedBy
This is the product features that detected the threat.
deviceId
This is the unique ID for the device.
deviceName
This is the name of the device.
fileSize
This is the size of the file, in bytes (for example, 1000 is 1KB).
globalQuarantined
md5
This is the MD5 hash information for the threat.
mostRecentDetection
This is the date and time of the most recent detection of the threat.
name
This is the name of the threat.
safelisted
sha256
This is the SHA256 hash information for the file.
signed
subClassification
threatHistory
uniqueToCylance