Verdict-as-a-Service (VaaS) is a cloud service that provides capabilities to scan files for malware and other threats. It allows you to easily integrate malware detection in your application with a few lines of code. You can use VaaS to secure any scenario where a file is exchanged or stored, such as:
- Upload forms with file submissions
- Collaboration software like MS Teams, Nextcloud or Slack
- Backup and distributed file storage like Dropbox or OneDrive
With minimal effort, you can check a file, URL or hashsum for malicious content. No local installation of any anti-malware product is necessary. VaaS works out of the box, by providing detections from the G DATA cloud. Hosting VaaS on your own Kubernetes cluster, is an option as well.
Simple example in Rust. Check below for more programming languages.
use vaas::{error::VResult, CancellationToken, Vaas, VaasVerdict};
use vaas::auth::authenticators::ClientCredentials;
use std::convert::TryFrom;
use std::time::Duration;
#[tokio::main]
async fn main() -> VResult<()> {
// Cancel the request after 10 seconds if no response is received
let ct = CancellationToken::from_seconds(10);
// Authenticate and create VaaS instance
let authenticator = ClientCredentials::new(CLIENT_ID, CLIENT_SECRET);
let vaas = Vaas::builder(authenticator).build()?.connect().await?;
// Open a file we want to check
let file = std::path::PathBuf::from("myfile");
// Ask VaaS for a verdict
let verdict = vaas.for_file(&file, &ct).await?;
// Prints "Clean", "Pup" or "Malicious"
println!("{}", verdict.verdict);
Ok(())
}
If you are interested in trying out VaaS, you can sign up on our website to create a free trial account. Visit our registration page and follow the instructions to get started. If you have a business case or specific requirements, please contact us at [email protected] to discuss your needs and explore how VaaS can best fit your organization.
We provide SDKs for various programming languages to make it easy for you to integrate VaaS in your application. You can find the source code, examples, and documentation for each SDK in the corresponding repository. Currently, we support the following languages:
Language | Source Code | Examples | Documentation | Repository |
---|---|---|---|---|
Rust | Rust SDK | Examples | docs.rs | crates.io |
Java | Java SDK | Examples | Readme | maven central |
PHP | PHP SDK | Examples | packagist | |
TypeScript | TypeScript SDK | Examples | Readme | npmjs |
Python | Python SDK | Examples | Readme | pypi |
.NET | .NET SDK | Examples | nuget.org | |
Ruby | Ruby SDK | Examples | Reamde | rubygems |
Go | Go SDK | Examples | Readme | Github |
The following table shows the functionality supported by each SDK:
Functionality | Rust | Java | PHP | TypeScript | .NET | Python | Ruby | Golang |
---|---|---|---|---|---|---|---|---|
Check SHA256 | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
Check SHA256 list | ✅ | ✅ | ❌ | ✅ | ✅ | ❌ | ❌ | ✅ |
Check URL | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
Check file | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
Check file list | ✅ | ✅ | ❌ | ✅ | ✅ | ❌ | ❌ | ✅ |
Custom Guids for tracability on user side | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ |
You can use VaaS to create various applications that scan for malicious content with a few lines of code. Here are some examples:
Create a command line scanner to find malware: Example
Create a KDE Dolphin plugin to scan for malicious content: Example
Create a WordPress plugin that scans all file uploads for malware: Example