Next-Generation AI Threat Detection Software Development Kit


Transform your software offering by leveraging DeepArmor’s industry-leading AI threat detection models off-the-shelf for high-volume file analysis

  • Differentiate and Offer More Value to your Customers
    Develop new products, services, and business models by leveraging leading, comprehensive AI threat detection models from an AI industry pioneer
  • Innovate Without Needing to Build an AI Practice
    Minimize resource constraints and gaps by using proven, off­-the­-shelf threat detection models built completely from AI, and not having to hire and onboard data science teams
  • Get to Market in Weeks, not Months
    Develop quickly with rich development materials and streamlined integration into your software solution

Highly Trusted, Highly Awarded



web gateway security

network protection

cloud access security broker

email protection

next generation firewall

email protection

endpoint detection & response

Why DeepArmor SDK?

It starts with a fundamentally different approach to building threat detection models. Instead of using human threat researchers (with bias) to guide the development of AI threat detection models, DeepArmor starts with data science by deriving model features from large samples of malware to deliver unbiased, higher­performing threat detection models than other vendors claiming AI. And because DeepArmor is developed by SparkCognition, an AI company (not a cybersecurity company), we integrate exclusive new research and techniques into the SDK models that other companies do not have the capabilities to develop or deploy.

What does this mean for you? It means that your customers will be more secure from the most advanced and best performing threat detection models on the market.


The proof is in the models. In both independent 3rd party and internal testing, DeepArmor detection models outperform all other legacy and next-generation vendors with 99.9% detection and no false positives. Don’t sacrifice performance when the stakes are this high.

Zero-Day Malware Protection Testing (Windows)

Zero-Day Malware Protection Testing (MacOS)

Zero-Day Malware Protection Testing (Office)

SDK Architecture

Technical Features

DeepArmor Server SDK

High-volume file analysis and classification deployed on premise

DeepArmor Cloud Service

High-volume file analysis and classification deployed as a cloud service

  • High volume file analysis and classification capability designed to easily integrate into existing security solutions including: Network Protection, Email Protection, Web Gateways, Malware Analysis
  • Supports 60+ file formats including: PE, EFL, MachO, Office, PDF, PowerShell, VBScr
  • Designed for on-premise (on-server) deployment in Docker container
  • Delivered as a cloud services subscription
  • API Interface (JSON) designed for easy integration
  • REST API Interface (JSON) is designed for easy integration
  • Supports both connected and isolated network deployment models
  • Files are not shared publicly
  • Licensed on a per server basis as an annual subscription or perpetual license
  • Licensed based on the number of daily API requests (e.g., 50K, 100K) as an annual subscription

DeepArmor Endpoint SDK

Cross-platform security for physical and virtual endpoints

  • Designed to augment endpoint security products by providing multi-level system monitoring (process, file, memory), next-generation machine learning detection and file reputation
  • Cross-platform endpoint detection and protection for Windows, MacOS and Linux systems
  • Out-of-the-box technology designed to seamlessly integrate with existing agents through C# bindings
  • Flexible policy configuration including automated response (e.g., Terminate Process, Quarantine File), whitelisting and blacklisting
  • Optional expanded visibility includes expanded device telemetry and static file analysis data
  • Licensed based on the number of endpoint devices as an annual subscription