Web Risk API is a Google Cloud service that lets client applications check URLs against Google's constantly updated lists of unsafe web resources. Unsafe web resources include social engineering sites — such as phishing and deceptive sites — and sites that host malware or unwanted software. With the Web Risk API, you can quickly identify known bad sites, warn users before they click infected links, and prevent users from posting links to known infected pages from your site. The Web Risk API includes data on more than a million unsafe URLs and stays up to date by examining billions of URLs each day.
Keep your users safe
Your users are critical to your business, and you need security controls to keep them — and your business — safe. With the Web Risk API, you can stop users from posting infected URLS to your site and sharing malicious links through your platform and warn your users before they visit sites that are known to be unsafe.
Take advantage of Google's web reach
Google Cloud user protection technology is built from years of Google's experience keeping users safe on the web. Google maintains constantly updated lists of unsafe web resources, which can now be used by enterprises to help keep risky URLs off their sites and help users stay protected.
Easily integrate Google Cloud web risk technology into your apps
As a flexible API-based service, the Web Risk API can be used to determine if unsafe URLs are present on websites or applications that are hosted in the cloud or on-premises.
Comprehensive list of known unsafe URLs
Take advantage of Google's constantly updated lists of unsafe web resources to identify phishing and deceptive sites, as well as sites that host malware or unwanted software.
The Web Risk API can be integrated into both cloud-based and on-premises hosted applications and websites.
The lookup API allows your client applications to send requests to check if posted URLs are included on any of the known unsafe lists. If a known bad URL is found, it will be flagged and returned.
Use the update API to download hashed versions of the unsafe lists for storage in a local database. If a match is found in the local database, the client can send a verification request to the Web Risk API servers to confirm the URL is present on the unsafe lists.
A product on this page is in beta. For more information on our product launch stages, see here.