VirusTotal for Investigators 

Understand the scale and depth of malicious campaigns, enhance your investigations, and minimize impact.

This presentation shows how you can leverage VirusTotal data to analyze malware campaigns. It will explore advanced VirusTotal tools including facet search, VTGrep, VTGraph and YARA. It will also cover recently released features, including improved relational metadata and expanded proactive and retroactive tracing capabilities that allow investigators to dig deep into the malware in global data sources. With these tools, users can better understand the breadth and depth of malicious campaigns, and can better investigate and mitigate their impact.

Smarter, Safer 

VirusTotal Enterprise provides the information your security team needs to protect your network from threats. 

As part of Alphabet, VirusTotal benefits from increased scalability of data collection, processing and retrieval. As part of Chronicle, Alphabet’s cybersecurity company, we support our mission to help businesses better protect their own networks. VirusTotal Enterprise makes this mission a reality, with major search enhancements and more powerful data visualization. 

Protect against Malware 

VirusTotal Intelligence allows you to search for malware threats affecting your network. 

You’re probably familiar with VirusTotal as a basic malware research tool. Did you know that VirusTotal Intelligence, an advanced layer of analysis on top of the VirusTotal database, helps you perform malware threat hunting, behavior and relationship visualization, and historical analysis across billions of malware samples from the Internet?

With VTI, you can better protect against malware in your network. This advanced use case solution briefly describes how to do it.

VirusTotal Intelligence for threat investigation 

VirusTotal Intelligence provides extensive intelligence to accelerate malware threat investigations. Analysts can quickly build a picture of an attack and then use the information to better protect against other attacks. 

During an investigation, security analysts and incident responders are often given a file hash and asked to learn about an attack. Unfortunately, this is like being given a bullet and then being asked to uncover the whole plot. Without other context, it is virtually impossible to determine attribution, build effective defenses against other attacks, or understand the impact of a given threat on an organization. Connect the dots with VirusTotal and explore the plot.

VirusTotal Intelligence for banking trojan 

Disable banking trojans with VTI’s advanced capabilities. 

Certain industries are particularly at risk of password-stealing trojans, which capture customer account credentials and then use them to transfer funds. Financial services are at a very high risk of credential theft, resulting in increased costs as well as reputational damage. 

Mitigate false positives to improve software publishing

For software publishers as well as enterprise developers, antivirus false positives can deter users and reduce revenue. VirusTotal Monitor creates a quick path to addressing false positives – before they cause harm.

Most users view VirusTotal as a tool for detecting malware and malicious behavior. As one of the world’s largest malware intelligence services, VirusTotal is used by millions of people every day to perform basic malware research. However, because VirusTotal integrates results from more than 70 antivirus solutions, it can also be used to detect legitimate files misclassified by AV products. These are what the industry calls false positives, and they continue to be a big problem for software publishers of any size. To help both the antivirus industry and software publishers worldwide, we developed VirusTotal Monitor. VirusTotal Monitor is designed to help software publishers identify potential false positive issues with their products and to streamline the process of reporting these problems before they cost money and time.