Crowdsourced Malware Analysisfor new and emerging threats
PolySwarm is a more effective way to detect, analyze and respond to the latest threats, the ones more likely to go undetected by existing solutions.
We are a launchpad for new technologies and innovative threat detection methods, where commercial solutions and specialized engines compete to detect threats, and get compensated based on performance.
Access
Why PolySwarm?

Early Detection of Threats
Specialized Engines

Higher Accuracy
Performance-Based Compensation

SOC Automation
Contextual Threat Scoring
First-Seen Samples
At Scale
Specialized Enginesto protect against the latest threats
PolySwarm is powered by a network of threat detection engines. It combines wide coverage from commercial engines, with the ability to detect threats earlier from specialized solutions.
Distribution of Malware
Specialized engines are niche and research-driven, often authored by independent, well known researchers and security teams, developing cutting-edge threat detection methods.
PolySwarm brings them together to cover the existing protection gaps and better protect enterprises against new threats.
Distribution of Malware
JoinpolyX
A community of anti-malware researchers with a shared goal of making malware hard.
ApplyPerformance-Based CompensationTo Improve Accuracy
PolySwarm’s economic model incentivizes specialization and rewards early and accurate detection of threats.
Engines are incentivized to respond only when confident
Reflect confidence behind each opinion by staking money
And get compensated based on the accuracy of their determinations
PolySwarm Network Stats
1.5M+
Malware Verdicts per Day
+40
Threat Detection Engines
600k+
New Malicious Samples per Day
+25%
Unique or First-Seen Malicious Samples
Contextual Threat ScoringTo Enable SOC Automation
Multiscanners and crowdsourced solutions provide multiple and often conflicting opinions on potential threats. Who should you trust? Concluding requires additional intuition-based work, which takes time, produces inconsistent results and can not be automated.
PolyScore™ provides the probability a given file contains malware in a single, authoritative number.

Multiscanners and crowdsourced solutions provide multiple and often conflicting opinions on potential threats. Who should you trust? Concluding requires additional intuition-based work, which takes time, produces inconsistent results and can not be automated.
PolyScore™ provides the probability a given file contains malware in a single, authoritative number.

Hot FeedUnique and first seen malware samples
A unique stream of new and emergent malware hashes with detailed metadata, 30% of which cannot be found in other multiscanners.
Likely malware
High PolyScore (≥ 0.80)
Potential false negatives
Low number of counting engines (≤ 3)
High PolyScore (≥ 0.50)
Counter-intel
C2 monitoring and dynamic sandboxing

Integration Partners
Threats come from all angles, your protection should too™
Incident Response
File & URL scanning, investigation and forensics

Threat Intelligence
Data enrichment, threat hunting and scoring

Security & SOC Automation
Make fast and accurate defense decisions at scale

Custom Malware Feeds
Scheduled metadata search based on user input
