VirusTotal Enterprise

Added to bookmarks
Bookmarks list

Bookmark has been removed
Bookmarks list

You can't add any more bookmarks

By registering as a member, you can increase the number of bookmarks you can save and organize them with labels.
Free membership registration

last updated：May 16, 2024

Official site

Google's AI-powered threat intelligence, one of the largest in the world, includes malicious judgment information on files, IPs, domains, etc.

It is a solution from Google Cloud that provides various threat intelligence, available for free or for a fee. Since the service began in 2004, it has been referred to as the "Google of Malware," holding vast amounts of files uploaded by many users and their analysis results.

Related Link - https://anchor-u.com/product/virustotal/

Inquire About This Product

basic information

*The information on this page is an excerpt from Anchor Technologies' product page. For more details, please visit the product page below.* https://anchor-u.com/product/virustotal/ ■ Search and Download via Web Interface 【Basic Bundle】300 times/month 【Professional Bundle】1,000 times/month 【Professional+ Bundle】5,000 times/month 【Duet Bundle】20,000 times/month ■ Private API (Premium API) 【Basic Bundle】1,000 times/day 【Professional Bundle】10,000 times/day 【Professional+ Bundle】30,000 times/day 【Duet Bundle】100,000,000 times/month ■ Other various features including the following - Livehunt (monitoring function using YARA rules) - Retrohunt (search function using YARA rules) - VT Diff - Threat Hunter PRO - VT Graph - VT Insights

Price information

5 million yen or more (however, this varies by license. Please contact us for pricing per license.)

Delivery Time

Applications/Examples of results

By integrating the reputation of files, IPs, domains, etc. (detection status across more than 70 types of antivirus software) with your organization's EDR, SIEM, SOAR, and other systems via API, it is possible to minimize false negatives and false positives from EDR and similar tools. Additionally, it is possible to clarify the nature of the file through determinations made by IDS/YARA/Sigma rules and surface and dynamic analyses using various other tools incorporated into VirusTotal. Furthermore, it is possible to identify entities related to the file (such as communication destination IP addresses, domains, parent files that generate the file, and groups of files bundled with the file) and to investigate those relationships in detail. With the availability of AI-driven code analysis features and dynamic file analysis capabilities in a private environment (optional features), it becomes possible to quickly assess the risk associated with the file.

Detailed information

In addition to searching by hash values, it is possible to specify conditions for searching files, IPs, domains, etc., using various queries (modifiers) (e.g., files that were first observed in the last two days and detected as ransomware by five or more antivirus software). It is also possible to search for collections (groupings of files classified by VirusTotal users, such as "emotet" or "Cobalt Strike").
When you select a file, the Detection tab allows you to check the detection status by various antivirus software. Additionally, you can view not only the current detection status but also the detection status at a specific point in the past on a daily basis.
In a private environment, it is possible to conduct sandbox analysis. This allows you to obtain investigation results while keeping the file itself hidden from other VirusTotal users. This eliminates the risk of unintentionally exposing your company's confidential information to the outside.
The Threat Landscape (VT Insights) feature is only available with the Duet Bundle. This feature allows users to check information related to various IoCs (files, IP addresses, domains) in the Community tab, including "References," "Collections," and "Threat Actors." Additionally, there is a "Subscription" feature that enables continuous monitoring of subscribed IoCs. - References: Users can check information published by various security vendors and researchers. - Collections: Users can review IoCs such as file hash values, webpage URLs/domains, and various IP addresses related to attack campaigns or threat actors, organized into specific groups. - Threat Actors: Users can access details about attacker groups and related IoCs.

Line up（6）

Model number	overview
VirusTotal Basic Bundle	Entry-level license for VirusTotal. Allows the use of the minimum necessary features.
VirusTotal Professional Bundle	License that relaxes various restrictions of the VirusTotal Basic Bundle (such as the number of API calls per day).
VirusTotal Professional+ Bundle	License that not only relaxes various restrictions of the VirusTotal Professional Bundle but also typically includes Threat Hunter PRO (which expands the target files in query searches from only those uploaded in the last 3 months to those uploaded in the last 12 months).
VirusTotal Duet Bundle	Top-tier license that allows access to almost all features of VirusTotal. Includes advanced features such as Threat Landscape (VT Insight), which enables profiling of threat actors and malware itself. Additionally, it allows for listing articles and their contents related to the respective IoC provided by security vendors.
Private Scanning	Option that allows files to be analyzed in a completely private environment without uploading them in a way that can be seen by third parties outside the organization. Available through an optional contract, and included as standard in the Duet Bundle.
Crowdsourced AI	Code assessment feature using various AI models. Displays in natural language how the target file behaves and what security concerns may exist, if any.