VirusTotal: a Community Approach
Karl Hiramoto , VirusTotal
VirusTotal is a center for collaboration within the security community mainly known for the 70+ AV scanners. Community members upload files to scan, we partner with AV companies to scan the file, in exchange for running an engine on VirusTotal, we provide new samples that are not detected by their engine and false positive feeds for known files.
There are many other ways to partner and work towards greater collaboration with the community.
Possible integration points are:
Aggregation of Sandbox data
URL scanners
AV Scanners
Passive DNS
False Positive detections from known sources of commercial software.
Metadata: auto runs, in the wild telemetry
VirusTotal strives to be a neutral member of the community and not favor one technology or vendor over another.
Karl Hiramoto
Karl Hiramoto has been at VirusTotal since January 2014. In that time he’s worked on open source code available on github, partner integrations, development of in house tools, MacOS sandboxing, debugging issues, and support issues. Prior to joining VirusTotal, Karl worked, on data mining, network security products, embedded linux systems and sensors. Karl has presented previously at blackhat arsenal. |