By rssfeeds-admin 
The update introduces real-time evidence streaming and compliance mapping, directly addressing the manual burden of audit preparation that costs organizations 30-40 hours per audit cycle.
The announcement includes two integrated capabilities: API-driven compliance automation that feeds structured security evidence into GRC platforms , and the Quttera Threat Encyclopedia, an AI-powered resource providing instant context for detected threats.
From scramble to evidence-as-code
Organizations preparing for SOC 2, ISO 27001, and PCI DSS v4.0 audits traditionally spend dozens of hours manually collecting security evidence—exporting reports, capturing screenshots, and mapping findings to compliance controls. This approach creates outdated evidence, doesn’t scale across frameworks, and fails to prove continuous monitoring.
Novofastovsky
“Securiy teams are exhausted by the manual ‘evidence chase’ required before every audit,” said Michael Novofastovsky, CTO of Quttera. “We’re transforming malware detection into ‘Evidence-as-Code’—structured, real-time security data that flows automatically into compliance workflows. Whether organizations use Drata, Vanta, or custom GRC systems, our API provides continuous proof without human intervention.”
Quttera’s API converts threat detection into structured JSON with embedded compliance metadata, mapping findings to controls across SOC 2 (CC6.1, CC7.2), PCI DSS v4.0 (Requirements 6.4.3, 11.6.1), ISO 27001, and GDPR simultaneously.
Meeting PCI DSS v4.0
The update specifically targets PCI DSS v4.0 requirements mandatory since March 2025, particularly Requirements 6.4.3 (script authorization on payment pages) and 11.6.1 (file integrity monitoring). These requirements demand continuous automated detection—capabilities manual processes cannot provide at scale.
“PCI DSS v4.0 requires real-time detection of unauthorized changes to payment scripts,” Novofastovsky explained. “Our API provides timestamped evidence that monitoring is active 24/7, changes are detected automatically, and controls are continuously validated.”
AI-Powered Threat Intelligence
The Threat Encyclopedia addresses the context gap security teams face when responding to detections. Integrated directly into scan reports, it provides:
•Technical breakdown of malware behavior
•Business impact and risk classification
•Step-by-step remediation guidance
•Connections to known attack campaigns
“We’re automating both sides of the problem,” said Novofastovsky. “The API handles compliance proof. The Threat Encyclopedia handles operational response. Together, they eliminate manual evidence collection and research overhead.”
The Encyclopedia currently documents 80+ web malware categories, with AI-assisted expansion based on emerging threats.
Key capabilities
•Automated Control Mapping: Detections tagged for multiple compliance frameworks simultaneously
•Real-Time Evidence Streaming: Continuous JSON feeds replace static PDF reports
•Behavioral Detection: Heuristic scanning identifies zero-day and polymorphic threats
•Integration Flexibility: Works with existing GRC platforms via standard REST API
Availability
Enhanced capabilities are available immediately to all Quttera API subscribers.
•API Documentation: https://quttera.com/quttera-web-malware-scanner-api
•Integration Help: https://quttera.com/quttera-anti-malware-api-help
•Threats Library: https://threats.quttera.com/
About Quttera: Quttera provides automated website security and malware detection solutions, delivering compliance-ready evidence for organizations across financial services, healthcare, e-commerce, and technology sectors. Its comprehensive suite includes advanced heuristic scanning, blacklist monitoring, and remediation services, helping businesses worldwide protect their digital assets and reputation. For more information, users can visit https://quttera.com
Media contact: Michael Novofastovsky, CTO, Quttera, michael@quttera.com
Editor’s note: This press release was provided by CyberNewswire as part of its press release syndication service. The views and claims expressed belong to the issuing organization.
The post News alert: Quttera’s new API replaces manual audit prep, now aligned with PCI DSS v4.0 requirements first appeared on The Last Watchdog.
Discover more from RSS Feeds Cloud
Subscribe to get the latest posts sent to your email.