Alphabet launches VirusTotal Enterprise

Google takes aim at the enterprise incident response market with newly launched tools.
Written by Catalin Cimpanu, Contributor

Google launched today a new set of services for enterprise customers of VirusTotal, a website that lets users test suspicious files and URLs against an aggregate of multiple antivirus scanning engines at the same time.

This collection of new tools is part of the new VirusTotal Enterprise service, which Google described as "the most significant upgrade in VirusTotal's 14-year history."

As the name implies, this new service is specifically aimed at enterprise customers and is an expansion of VirusTotal's current Premium Services.

Google says VirusTotal Enterprise consists of existing VirusTotal capabilities, but also new functionality, such as improved threat detection and a faster search system that uses a brand new interface that unifies capabilities in VirusTotal's free and paid sites.

Also: You can buy Google's $50 set of Titan security keys now CNET

"VirusTotal Enterprise allows users to search for malware samples (using VT Intelligence), hunt for future malware samples (using VT Hunt with YARA), analyze malware relationships (using VT Graph), and automate all these tasks with our API," Google said.

Of all the new tools, VirusTotal Private Graph is the most interesting of all, as it allows enterprise customers (small or large companies) to connect their internal infrastructure to VirusTotal and generate malware relationship graphs showing how the malware infected internal networks.

As the "Private Graph" name implies, these graphs are private and will not be shared on the main VirusTotal website. Anyone can see what these graphs look like today. The original (and public) VirusTotal Graph tool was once part of VirusTotal Premium service and was opened to all users in January 2018.

Google hopes Private Graph will become a standard way of mapping infections at large companies during incident response operations.

Also: New G Suite security center offers security analytics and best practices from Google TechRepublic

More on the new VirusTotal Enterprise features below:

Private Graph: Create visualizations of malware relationships, link to internal information, and keep private from other VirusTotal users.

  • Private graphs allow you to include information about your own enterprise assets such as machines, people, departments, email, etc. within a graph.
  • Unlike normal VirusTotal graphs, private graphs are not shared with or visible by public VirusTotal users.
  • Private graphs enable secure team collaboration, as part of an incident investigation.
  • Finally, private graphs can automatically extract commonalities from nodes, to identify indicators of compromise.

Advanced malware search: Search more data, faster, using more powerful terms.

  • VirusTotal Enterprise increases search speed by 100x using new malware n-gram content searches
  • It also improves search accuracy, using additional parameters such as common icons across files, spam emails sharing a common visual layout, etc. For example, you can extract an icon from a fake application, and ask VirusTotal Enterprise to return all malware samples that use the same icon file.
  • Malware analysis is more powerful, showing new details about uploaded files, including embedded domains, IP addresses, interest-ranked strings, etc.
  • We've improved usability with a single, unified interface across the free and paid VirusTotal sites.

Enterprise user management and security: Control and secure corporate access to VirusTotal.

  • With this release, you can improve security by using your existing two-factor authentication to access your VirusTotal Enterprise account.
  • New API management of corporate groups helps keep your internal user directory synced with VirusTotal, for better user management.

The VirusTotal service was set up in 2004 by Spanish security company Hispasec Sistemas. It was acquired by Google in 2012, and its ownership changed to Chronicle, a subsidiary of Alphabet, Google's parent company.

Previous and related coverage:

Security 101: Here's how to keep your data private, step by step

This simple advice will help to protect you against hackers and government surveillance.

VPN services 2018: The ultimate guide to protecting your data on the internet

Whether you're in the office or on the road, a VPN is still one of the best ways to protect yourself on the big, bad internet.

FBI solves mystery surrounding 15-year-old Fruitfly Mac malware

Fruitfly malware author used port scanning with weak or no passwords to identify potential victims.

Meet Torii, a new IoT botnet far more sophisticated than Mirai variants

The evolving IoT botnet is able to compromise an impressive array of architectures.

Teenage Apple hacker avoids jail for 'hacky hack hack' attack

The self-proclaimed Apple fan stole roughly 90GB of confidential data from the iPad and iPhone maker.

Related stories:

Editorial standards