Busy Winter Times in Malwarelytics: Azure Cloud, RASP banner and APIs

Winter in Malwarelytics product development brought no rush, but no rest either. We changed our cloud service provider, added more data and features to the console, and introduced a new API endpoint.

Here is the feature overview from the latest release:

From Heroku to Azure

It feels like yesterday that we started with Malwarelytics. We have used cloud computing services from the very beginning, and our initial choice was the Heroku platform. We enjoyed almost three years of running and providing our services there.

Almost a year ago, we started to look for a more mature and more capable cloud computing service. The main reasons were:

  • to be ready for exponential growth, as our end-user base already numbers a few million
  • to be able to base our service in almost any part of the world easily
  • to automate, monitor and tune our resources and services

The final choice fell on the Microsoft Azure platform, which matched all our needs, passed the initial tests and performed very well under our simulated production load. We are happy to be there and look forward to providing our service to the world in an unlimited manner.

RASP Banner on Device Card

We have refactored and polished the device card to surface more important values there. The most notable change is two visible banners. The first one indicates the level of threat caused by an installed application (Android only). The second one shows the highest device security weakness.

The threat banner on a device can now work in several modes. These modes combine or prefer the following threats:

  • Threat Flag - Highest flag among all RASP detections
  • Threat Level - Highest threat among all installed APKs

There is always a default mode for a view, but a user can change it to a preferred mode.

Malwarelytics API

We moved all the APIs to our new dedicated endpoint for the Malwarelytics API: api.malwarelytics.com. The documentation of the published APIs can be found on our developer portal. Swagger documentation is also available. It can be accessed by an integration role user or by any Malwarelytics console user.

Security Changes as Events

Collecting security events from devices or the secured banking application is one of the data feeds that make successful protection possible. We have extended our events to capture important milestones of an end-user device and the secured banking application:

  • OS version changed
  • Malwarelytics SDK version changed
  • Client user identification changed

Level Up on Statistics

The good old statistics are gone. Instead of providing global stats over all devices and mixed platform data, which did not bring enough value, we redid the section to be per-customer and thus filtered by the selected origin applications.

It now shows platform distribution share and separate sections for each of the supported platforms.


  • operating system versions share and trend
  • top device vendors and models


  • operating system versions share and trend
  • top device models

Special Flags on Console Users

Two special flags were added to the console users list:

  • 2FA enabled/disabled
  • Password reset pending (displayed when a user has not activated the account or not changed the account password yet)

In addition, a warning bar can be enabled for an organization to push all users who have not enabled 2FA to activate it.
