TEL AVIV, Israel, Nov. 27, 2025 — Enhanced API features and an AI-driven Threat Encyclopedia remove the need for manual audit preparations, offering continuous compliance documentation and immediate threat insights
Quttera today revealed significant improvements to its Web Malware Scanner API, which transforms static security scanning into automated compliance evidence. This update introduces real-time evidence streaming and compliance mapping, directly addressing the labor-intensive audit preparation process that typically consumes 30-40 hours per audit cycle for organizations.
The announcement highlights two integrated functionalities: API-powered compliance automation, which supplies structured security data to GRC platforms (), and the AI-enhanced Quttera Threat Encyclopedia (), a resource offering immediate context for identified threats.
Automating the Manual Evidence Chase
Businesses getting ready for SOC 2, ISO 27001, and PCI DSS v4.0 audits traditionally devote many hours to gathering security evidence by hand—generating reports, taking screenshots, and aligning findings with compliance controls. This method results in out-of-date evidence, lacks scalability across various frameworks, and cannot demonstrate ongoing monitoring.
“Security professionals are worn out by the painstaking ‘evidence hunt’ demanded before each audit,” stated Michael Novofastovsky, Quttera’s CTO. “We are converting malware detection into ‘Evidence-as-Code’—organized, live security information that integrates seamlessly into compliance procedures. Regardless of whether companies utilize Drata, Vanta, or bespoke GRC solutions, our API delivers ongoing validation without requiring human input.”
Quttera’s API transforms threat detections into structured JSON, complete with embedded compliance metadata, correlating findings with controls for SOC 2 (CC6.1, CC7.2), PCI DSS v4.0 (Requirements 6.4.3, 11.6.1), ISO 27001, and GDPR concurrently.
Addressing PCI DSS v4.0’s New Requirements
This update specifically addresses PCI DSS v4.0 requirements, which became mandatory in March 2025, focusing on Requirement 6.4.3 (authorizing scripts on payment pages) and Requirement 11.6.1 (file integrity monitoring). These stipulations necessitate continuous automated detection—a capability that manual procedures cannot deliver efficiently at scale.
“PCI DSS v4.0 mandates the immediate detection of unauthorized alterations to payment scripts,” Novofastovsky clarified. “Our API offers time-stamped proof that monitoring is constant around the clock, changes are automatically identified, and controls are validated without interruption.”
AI-Powered Threat Intelligence
The Threat Encyclopedia fills the contextual void often encountered by security teams when reacting to detections. Directly incorporated into scan reports, it offers:
- Detailed technical analysis of malware activity
- Business implications and risk categorization
- Incremental remediation instructions
- Links to established attack operations
“We are automating both aspects of the challenge,” Novofastovsky noted. “The API manages compliance verification. The Threat Encyclopedia manages the operational response. Combined, they remove the burden of manual evidence gathering and research.”
The Encyclopedia currently catalogs over 80 categories of web malware, with AI support for expanding its coverage based on new threats.
Key Capabilities
- Automatic Control Alignment: Detections are simultaneously tagged for multiple compliance frameworks.
- Live Evidence Flow: Continuous JSON data streams supersede static PDF reports.
- Behavior-Based Detection: Heuristic scanning pinpoints zero-day and polymorphic threats.
- Flexible Integration: Compatible with current GRC platforms through a standard REST API.
Availability
The improved functionalities are now instantly accessible to all Quttera API subscribers.
- API Documentation:
- Integration Help:
- Threats Library:
About Quttera:
Quttera delivers automated solutions for website security and malware detection, offering compliance-ready evidence to businesses in financial services, healthcare, e-commerce, and technology. Its extensive suite features advanced heuristic scanning, blacklist surveillance, and remediation services, aiding companies globally in safeguarding their digital assets and brand standing.
For more information, users can visit
Contact:
CTO
Michael Novofastovsky
Quttera
Photo –
SOURCE Quttera