About ReversingLabs Scanning

ReversingLabs scans allow you to get access to enhanced malware and threat intel data via our ReversingLabs partnership. Using complex binary analysis powered by ReversingLabs, developers and DevOps teams can analyze first party, open source, and commercial software to identify the presence of threats such as malware, maldocs, suspicious files, potentially unwanted applications (PUAs), protestware, and suspicious file structure malformations to help avoid dangerous software supply chain attacks.

What do I need to perform a ReversingLabs scan?

In order to perform ReversingLabs scans, you must first have the feature enabled on your product registration key. For more information, please contact Black Duck Customer Support.

You must also have a connection to the Internet as this scan requires a connection to ReversingLabs's third-party tools.

How do I perform a ReversingLabs scan?

The ReversingLabs scan is conducted as part of a Detect scan. When running the Detect scan, add the following parameters to the command:

--detect.tools=THREAT_INTEL
--detect.threatintel.scan.file.path=Path to local binary file

For more information on how to run a ReversingLabs scan in Detect, please visit Detect's ReversingLabs documentation.

What happens to my file information during a scan?

Detect sends the information to Black Duck to be processed, creating a hash to be used by ReversingLabs. The hash is then sent to ReversingLabs to perform the malware scan.

Once the scan is complete, ReversingLabs returns a report in JSON format which is then uploaded to Black Duck. Your files are removed from Storage service when the scan is completed and they are not persisted in system.

Where do I find the ReversingLabs scan results?

The results of the ReversingLabs scan are found in the project version's BOM page under the Malware tab.


Malware tab

What do the ReversingLabs scan results mean?

The Malware tab is composed of the following information:


Malware tab details page

The left side menu displays the list of malware found in your project version, including the severity of each item. Clicking any of the items displays more information.

The right side of the Malware page displays the details of the malware selected in the lefthand menu. It provides the following information:

  • Malware type and definition: Detailed description of the malware found.

  • What to Do: Provides steps on how to investigate the issue and how to address it.

  • File: List of files affected by the selected malware type. Click the file to display more information.


    Malware file details