Using VirusTotal for More than Simple AV Checks: How to Leverage Their Big Data to Threat Hunt in Your Network
Everyone uses VirusTotal’s free web page that allows you to check any file hash against multiple AV engines. But there’s so much more you can do with the massive amount of data they collect every day (2 billion file uploads and counting). And that’s good: just because the file you found on your network doesn’t show as being detected by any AV doesn’t mean it’s safe.
Alphabet Chronicle co-founder Mike Wiacek talks VirusTotal Intelligence
So in this podcast you’re going to hear from two people from Chronicle: Rick Caccia, who is the chief marketing officer (he’s mostly chiming in to explain a little bit about the new company), and Mike Wiacek, the CSO and co-founder of Chronicle. He’s going to be telling us about all the features of VirusTotal that you probably didn’t realise exist. Did you know if you have a VTI account you can run YARA rules against everything that comes into VirusTotal? And you can apply the rules retrospectively to see what shakes out? And that they have graph and clustering features? And … and … and … you get the idea.