SecurityWeek

New VirusTotal Service Aims to Reduce False Positives

VirusTotal, which recently became part of Alphabet’s new cybersecurity company Chronicle, announced on Tuesday the launch of a new service designed to help software developers and security vendors reduce the number of false positive detections.

VirusTotal Monitor is a premium service that allows software developers to upload their application files to a private cloud store where they are scanned every day by the products of the more than 70 antivirus vendors in VirusTotal.

If a file is flagged as malicious, both the developer and the antivirus vendor are automatically notified.

Developers can upload their files using an interface similar to Google Drive, and both developers and AV companies are provided a dashboard where they can view results. In addition to the web interface, both parties can leverage APIs to integrate Monitor with their own tools.

“For antivirus vendors this is a big win, as they can now have context about a file: who is the company behind it? when was it released? in which software suites is it found? What are the main file names with which it is distributed?” explained VirusTotal’s Emiliano Martinez. “For software developers it is an equally big win, as they can upload their creations to Monitor at pre-publish stage, to ensure a release without issues.”

VirusTotal highlighted that the uploaded files will not be shared with third parties, except for the antivirus vendors, which will get access to the files their products detect.

While it may seem that Monitor opens a door to abuse, VirusTotal pointed out that the new service is “not a free pass to get any file whitelisted.”

“Sometimes vendors will indeed decide to keep detections for certain software, however, by having contextual information about the author behind a given file, they can prioritize work and take better decisions, hopefully leading to a world with less false positives,” Martinez said. “The idea is to have a collection of known source software, then each antivirus can decide what kind of trust-based relationship they have with each software publisher.”

VirusTotal Monitor has been in pre-release testing and is now accepting its first users. Developers can request a trial period.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
