Anti Malware Scan Interface (AMSI)

What is the Anti Malware Scan Interface (AMSI)?

The Anti Malware Scan Interface (AMSI) is a security feature in Windows that allows applications and services to integrate with antimalware software (AKA antivirus or AV) to detect and block malicious code.

It works by sending every line of a script, while it is running in the interpreter, to the machine's antivirus to be scanned before it is executed.

This provides an extra layer of protection against fileless malware, particularly malware that uses PowerShell scripts, macros (VBA) and JavaScript.
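
How an application hands content to the machine's antimalware software through AMSI, as an added example that is not part of the original page. The helper name `Test-AmsiContent`, the `AmsiDemo` namespace and the application name are assumptions made for illustration; the `amsi.dll` functions are the documented Windows API, and the input is constructed and benign.

```powershell
# Added example. Runs on Windows 10 or later, where amsi.dll is present.
# P/Invoke declarations for the documented amsi.dll client functions.
Add-Type -Namespace AmsiDemo -Name Native -MemberDefinition @'
[DllImport("amsi.dll", CharSet = CharSet.Unicode)]
public static extern int AmsiInitialize(string appName, out IntPtr context);
[DllImport("amsi.dll")]
public static extern void AmsiUninitialize(IntPtr context);
[DllImport("amsi.dll")]
public static extern int AmsiOpenSession(IntPtr context, out IntPtr session);
[DllImport("amsi.dll")]
public static extern void AmsiCloseSession(IntPtr context, IntPtr session);
[DllImport("amsi.dll", CharSet = CharSet.Unicode)]
public static extern int AmsiScanString(IntPtr context, string content,
    string contentName, IntPtr session, out int result);
'@

function Test-AmsiContent {   # hypothetical helper name
    param(
        [Parameter(Mandatory)][string[]]$Content,
        [string]$ContentName = 'constructed-sample',
        [string]$AppName = 'AmsiDemoClient'
    )
    $ctx = [IntPtr]::Zero; $session = [IntPtr]::Zero
    $hr = [AmsiDemo.Native]::AmsiInitialize($AppName, [ref]$ctx)
    if ($hr -lt 0) { throw ('AmsiInitialize failed: 0x{0:X8}' -f $hr) }
    try {
        # One session groups the scan requests that belong to the same script.
        $hr = [AmsiDemo.Native]::AmsiOpenSession($ctx, [ref]$session)
        if ($hr -lt 0) { throw ('AmsiOpenSession failed: 0x{0:X8}' -f $hr) }
        foreach ($item in $Content) {
            $result = 0
            $hr = [AmsiDemo.Native]::AmsiScanString($ctx, $item, $ContentName, $session, [ref]$result)
            if ($hr -lt 0) { throw ('AmsiScanString failed: 0x{0:X8}' -f $hr) }
            [pscustomobject]@{
                Content    = $item
                AmsiResult = $result                 # 0 clean, 1 not detected
                Detected   = ($result -ge 32768)     # AMSI_RESULT_DETECTED and above
            }
        }
    }
    finally {
        if ($session -ne [IntPtr]::Zero) { [AmsiDemo.Native]::AmsiCloseSession($ctx, $session) }
        [AmsiDemo.Native]::AmsiUninitialize($ctx)
    }
}

# Constructed, benign input: the verdict comes from the installed provider.
Test-AmsiContent -Content 'Write-Output "hello"', 'Get-Date'
```

A negative HRESULT from any call means the request did not reach a working provider, which is worth alerting on separately from a detection verdict.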