Vile AnalyzizIntegrations : Extend Your Analysis
Connect your own service credentials to enrich analysis reports with external threat intelligence, AI-powered insights, and automated forwarding to your security information platform.
How Integrations Work
The platform’s built-in analysis engines provide threat detection, trust scoring, vendor intelligence, and file classification out of the box. Integrations let you extend this baseline with your own service subscriptions, adding deeper coverage without replacing the core analysis.
Integrations follow a bring-your-own-API model. You provide your API key for each service, and the platform uses it to query that service during analysis. Your keys are encrypted at rest and never shared with other tenants. Each integration can be enabled or disabled independently, and you can re-analyze existing files at any time to retroactively enrich them with newly connected services.
Threat Intelligence Enrichment
Available on all plans
Connect your threat intelligence service API key to enrich analysis reports with community detection data. When a file is analyzed, the platform queries the connected service with the file’s hash and incorporates the results into the Enrichment tab of your report.
Capabilities added
- Community detection counts showing how many security vendors have flagged the file
- Threat family and malware classification labels from the intelligence community
- Sandbox analysis results with behavioral indicators observed during dynamic execution
- First-seen and last-seen timestamps indicating how long the file has been known
- Reputation scores and confidence levels from the intelligence provider
Threat intelligence enrichment is available on all plans, including Free. You only need a valid API key from your threat intelligence provider.
AI-Powered Enrichment
Available on all plans
Connect an AI service API key to add deeper content analysis to your reports. The platform sends extracted file content (scripts, document text, configuration data) to the AI service for behavioral classification and natural-language description generation.
Capabilities added
- Natural-language file description explaining what the file does in plain English
- Behavioral classification identifying the file's purpose and capabilities
- Script and macro analysis with summarized intent for complex or obfuscated code
- Content categorization for documents, configuration files, and web assets
AI enrichment is available on all plans. Content sent to the AI service is limited to extracted text and metadata: raw file binaries are never transmitted to third-party AI services.
SIEM Connectors
Requires Business plan or above
Forward analysis results to your security information and event management platform automatically. When a file analysis completes, the platform delivers a structured event to your configured SIEM endpoint. This keeps your security operations center informed without requiring analysts to check the portal.
Supported platforms
The platform supports delivery to major SIEM platforms via their native ingestion endpoints. Each connector is pre-configured with the correct payload format, authentication method, and delivery protocol for the target platform.
- HTTP Event Collector (HEC) delivery for log aggregation platforms
- REST API delivery for cloud-native security analytics platforms
- Webhook delivery for platforms that accept standard JSON payloads
- Custom webhook endpoints for in-house or third-party integrations
SIEM connectors and webhook delivery require a Business plan or above.
Webhook Payload Format
All webhook deliveries (SIEM connectors and custom webhooks) use a consistent JSON payload format. The payload includes the key fields from the analysis report so your downstream systems can process results without calling back to the platform API.
Example payload
{
"event": "analysis.completed",
"timestamp": "2026-03-20T14:32:00Z",
"data": {
"sha256": "a1b2c3d4e5f6...full hash...",
"file_name": "installer-v2.4.1.exe",
"file_size": 4821504,
"trust_score": 87,
"verdict": "clean",
"category": "installer",
"vendor": "Example Software Inc.",
"signing_status": "valid",
"approval_status": "approved",
"report_url": "https://portal.vileanalyziz.com/analyses/a1b2c3d4..."
}
}Fields included in every payload:
sha256Full SHA-256 hash of the analyzed filefile_nameOriginal file name as uploadedtrust_scoreComposite trust score (0-100)verdictclean, caution, or high_riskvendorResolved software publisher namecategorySoftware category classificationapproval_statusapproved, pending_review, not_approved, or nulltimestampISO 8601 analysis completion timePlan Requirements
Integration availability varies by plan. Threat intelligence and AI enrichment are designed to be accessible to everyone, while SIEM connectors and webhook delivery are enterprise features.
| Integration | Free | Pro | Business | Enterprise |
|---|---|---|---|---|
| Threat Intelligence | ||||
| AI Enrichment | ||||
| SIEM Connectors | ||||
| Webhooks |
Setup Steps
Connecting an integration takes less than a minute. Follow these steps for any integration type.
Open Settings
Navigate to Settings in the portal sidebar and select the Integrations tab.
Select a provider
Choose the integration you want to configure: threat intelligence, AI enrichment, SIEM connector, or custom webhook.
Enter your API key
Paste your API key or endpoint URL into the configuration form. For SIEM connectors, you may also need to provide an authentication token or index name.
Save
Click Save. The platform validates your credentials by making a test request. If validation fails, check your API key and try again.
Re-analyze existing files
New analyses will automatically use the connected integration. To enrich existing reports, select files from the file list and click Re-analyze. This counts toward your monthly quota.
Security note: Your integration API keys are encrypted at rest and only decrypted during analysis processing. Keys are never logged, never included in webhook payloads, and never visible to other tenants. You can rotate or remove a key at any time from the Settings page.
Connect your first integration
Enrich your analysis reports with external threat intelligence and AI insights. Setup takes less than a minute.