Introducing VirusTotal Enterprise

Today we are announcing an upcoming update to VirusTotal: VirusTotal Enterprise. VirusTotal Enterprise combines existing capabilities, expanded functionality including improved YARA threat hunting, and new features such as Private Graph and high-speed searching through a new interface that unifies capabilities in our free and paid sites. In the coming weeks, we’ll be rolling out all of these features to new and existing customers.

As a part of Alphabet, VirusTotal benefits from increased scalability of data collection, processing, and search. As part of Chronicle, Alphabet’s cybersecurity company, we support the mission to help enterprises better protect their own networks. VirusTotal Enterprise makes this mission real, with massive search improvements and more powerful data visualization.

VirusTotal Enterprise allows users to search for malware samples (using VT Intelligence), hunt for future malware samples (using VT Hunt with YARA), analyze malware relationships (using VT Graph), and automate all these tasks with our API. VT Private Graph adds new capabilities that enable customers to represent their internal infrastructure and users within a graph, all while keeping your most sensitive investigations private. Specifically, VirusTotal Enterprise adds these new capabilities to the VirusTotal malware intelligence service:

Private Graph: Create visualizations of malware relationships, link to internal information, and keep private from other VirusTotal users.

  • Private graphs allow you to include information about your own enterprise assets such as machines, departments, users, etc. within a graph.
  • Unlike normal VirusTotal graphs, private graphs are not shared with or visible by public VirusTotal users.
  • Private graphs enable secure team collaboration, as part of an incident investigation.
  • Finally, private graphs can automatically extract commonalities from nodes, to identify indicators of compromise.

Advanced malware search: Search more data, faster, using more powerful terms.

  • VirusTotal Enterprise increases search speed by 100x using new malware n-gram content searches
  • It also improves search accuracy, using additional parameters such as common icons across files, spam emails sharing a common visual layout, etc. For example, you can extract an icon from a fake application, and ask VirusTotal Enterprise to return all malware samples that use the same icon file.
  • Malware analysis is more powerful, showing new details about uploaded files, including embedded domains, IP addresses, interest-ranked strings, etc.
  • We’ve improved usability with a single, unified interface across the free and paid VirusTotal sites.

Enterprise user management and security: Control and secure corporate access to VirusTotal.

  • With this release, you can improve security by using your existing two-factor authentication to access your VirusTotal Enterprise account.
  • New API management of corporate groups helps keep your internal user directory synced with VirusTotal, for better user management.

We continue to leverage the power of Google infrastructure to expand the search and analysis capabilities of VirusTotal. As part of Chronicle, we also continue to add features to make VirusTotal more useful for enterprise security analysts. VirusTotal Enterprise will give those analysts new ability to search more data, faster, and to visualize it in new ways. We believe this will help you understand threats better and improve your own security.

Interested in seeing a demo or starting a trial? Drop us a note at info@virustotal.com or join us on October 11 for a live Webinar showing VirusTotal Enterprise.