Chronicle Unveils VirusTotal Enterprise
28.9.2018 securityweek Security
Chronicle on Thursday announced VirusTotal Enterprise, a new platform that combines existing VirusTotal capabilities with expanded functionality and new features to help organizations protect their networks.
Chronicle is a subsidiary of Google's parent company, Alphabet Inc. VirusTotal became part of Chronicle in January 2018.
According to the cybersecurity firm, VirusTotal Enterprise allows users to search for known and unknown malware, and analyze relationships between malware samples. These tasks can be automated using the company’s API.VirusTotal Enterprise
Chronicle told SecurityWeek that pricing for VirusTotal Enterprise starts at $10,000 per year and goes up depending on usage.
With VirusTotal Enterprise, the existing VirusTotal malware intelligence service is extended with new capabilities provided by Private Graph, an improved version of the Graph visualization tool.
Private Graph allows security teams to enhance malware relationship graphs with information from their own assets, including machines, departments and users. And unlike regular graphs, private graphs cannot be seen by users of the public VirusTotal service.
Chronicle says private graphs allow teams to collaborate securely in incident investigations, and they automatically extract node commonalities to identify indicators of compromise (IoC).
The malware search features are also more advanced in VirusTotal Enterprise. Chronicle promises that searches are 100 times faster, more powerful, and more accurate due to additional search parameters. For instance, users can extract a fake app’s icon and identify all malware samples that use the same icon file.
All of the features and capabilities provided by VirusTotal Enterprise are accessible from a single and unified interface. Existing two-factor authentication can be used to protect Enterprise accounts, and new API management helps control corporate access.
“We continue to leverage the power of Google infrastructure to expand the search and analysis capabilities of VirusTotal,” Chronicle said in a blog post. “As part of Chronicle, we also continue to add features to make VirusTotal more useful for enterprise security analysts. VirusTotal Enterprise will give those analysts new ability to search more data, faster, and to visualize it in new ways.”
The company says the features in VirusTotal Enterprise will become available to new and existing customers in the coming weeks.