The AMSI SDK is a software development kit designed to strengthen security solutions against threats delivered through Office VBA macros and script-based technologies. Malicious macros and scripts are a common infection vector for malware, making protection in this area critical. The SDK provides an interface that allows security products to integrate scanning and detection capabilities for content executed via Office VBA, PowerShell, VBScript, and JavaScript. By enabling inspection of script-based content, it helps identify malicious code before or during execution. Its focus is on simple integration, allowing security vendors or software developers to extend existing solutions with macro and script protection without complex implementation efforts.

Key Features

Simple Integration for Office VBA Macro Protection Enables protection against malicious macros in Office documents.

• Detection of harmful VBA code
• Strengthens document-based threat defense

Simple Integration for Script Protection Supports inspection of common scripting environments.

• PowerShell script analysis
• VBScript inspection
• JavaScript inspection

AMSI-Based Interface Support Designed for integration into security solutions.

• Enables scanning of script content
• Enhances existing detection mechanisms

Benefits

Reduced Infection Risk via Macros Addresses a major malware entry vector.

• Protection against malicious Office documents
• Early detection of embedded threats

Improved Script-Based Threat Defense Extends protection to commonly abused scripting engines.

• Coverage for PowerShell-based attacks
• Detection of malicious VBScript and JavaScript

Efficient Security Solution Enhancement Simplifies extension of existing products.

• SDK-based implementation
• Reduced development complexity

Layered Security Approach Complements other malware detection technologies.

• Adds macro and script inspection layer
• Strengthens overall endpoint protection