Views:

Use the Trend Vision One File Security Java SDK to scan files for malware.

The Java SDK for Trend Vision One™ File Security empowers you to craft applications seamlessly integrating File Security. With this SDK you can perform a thorough scan of data and artifacts within your applications to identify potential malicious elements.
Follow the steps below to set up your development environment and configure your project, laying the foundation to effectively use File Security.
Related information

Checking prerequisites Parent topic

Before installing the SDK, ensure you have the following:

Creating an API key Parent topic

The File Security SDK requires a valid API key provided as a parameter to the SDK client object. Trend Vision One API keys are associated with different regions. Refer to the region flag below to obtain a better understanding of the valid regions associated with the API key.

Procedure

  1. Go to AdministrationsAPI Keys.
  2. Click Add API Key.
  3. Configure the API key to use the role with the Run file scan via SDK permission.
  4. Verify that the API key is associated with the region you plan to use.
  5. Set an expiry time for the API key and make a record of it for future reference.

Installing the SDK Parent topic

Procedure

  • Download the jar from Maven Central Repository.
  • For Maven, add the below dependency to pom.xml.
    <dependency>
  <groupId>com.trend</groupId>
  <artifactId>file-security-java-sdk</artifactId>
  <version>1.0.0</version>
</dependency>

Using the File Security Java SDK Parent topic

Procedure

  1. Create a client object by specifying your Trend Vision One region and a valid API key.
  2. Invoke the file scan or buffer scan to scan the target data.
    Below is a Java code example illustrating how to use the SDK.
    import com.trend.fs.AMaasClient;

public static void main(String[] args) {
    try {
        // 1. Create an AMaaS Client object and configure it to carry out the scans in Vision One "us-east-1" region.
        AMaasClient client = new AMaasClient("us-east-1", "your-api-key");

        // 2. Call ScanFile() to scan the content of a file.
        String scanResult = client.scanFile(""path-of-file-to-scan"");

        if (scanResult != null) {
            // 3. Print out the JSON response from ScanFile()
            System.out.println("scan result " + scanResult);
        }
    } catch (AMaasException err) {
        info("Exception {0}", err.getMessage());
    }
}
  3. Parse the JavaScript object notation (JSON) response that the scan API returned to determine whether the scanned data contains malware. When malicious content is detected in the scanned object, scanResult shows a value and foundMalwares contains the file name and name of the malware.
    Below is an example JSON response.
    {
  "version": "1.0",
  "scanId": "25072030425f4f4d68953177d0628d0b",
  "scanResult": 1,
  "scanTimestamp": "2022-11-02T00:55:31Z",
  "fileName": "EICAR_TEST_FILE-1.exe",
  "filePath": "AmspBvtTestSamples/BVT_RightClickScan_DS/unclean/EICAR_TEST_FILE-1.exe",
  "foundMalwares": [
    {     
      "fileName": "Eicar.exe",
      "malwareName": "Eicar_test_file"
    }
  ]
}

    JSON Response

    Response code Malware detected None detected
    scanResult
    Non-zero
    		 null
    foundMalwares fileName malwareName null