ESET Augur to VirusTotal

[Nightowl 202]

I don't know if someone suggested this before , but this could help a little bit , and also even help the engine maybe as more submissions will come as for now VirusTotal checks only the signature database

It will be nice to see the AI in work

Just a suggestion , can be ignored if you'd like

[itman 1,659]

If you open Eset GUI Advanced Setup, you will observe that Augur; i.e. Advanced Machine Learning, is part of the real-time detection engine. As such, there would be a Augur detection, shown as ML/......., if applicable.

Also since Augur is embedded in the detection engine, I don't see how it can be segregated to show detection's specific to it as done at VT for example, by BitDefender.

[Nightowl 202]

9 minutes ago, itman said:

If you open Eset GUI Advanced Setup, you will observe that Augur; i.e. Advanced Machine Learning, is part of the real-time detection engine. As such, there would be a Augur detection, shown as ML/......., if applicable.

Also since Augur is embedded in the detection engine, I don't see how it can be segregated to show detection's specific to it as done at VT for example, by BitDefender.

No I meant like to be used in VirusTotal , Hybrid Analyze , App any run , not the application itself , maybe some page from ESET so people can upload to them and check for AI results

[itman 1,659]

48 minutes ago, Nightowl said:

No I meant like to be used in VirusTotal , Hybrid Analyze , App any run , not the application itself , maybe some page from ESET so people can upload to them and check for AI results

It already exists. Its called;

Quote

ESET Dynamic Threat Defense is a paid service provided by ESET. Its purpose is to add a layer of protection specifically designed to mitigate threats that are new in the wild.

https://help.eset.com/edtd/en-US/overview.html

Only available to corp. customers running EMC.

[Nightowl 202]

21 minutes ago, itman said:

It already exists. Its called;

https://help.eset.com/edtd/en-US/overview.html

Only available to corp. customers running EMC.

Yeah I know this product , I am just talking about adding the AI to VirusTotal or making a dedicated page for that purpose , it's just a suggestion , I am not looking for EDTD

Enabling the AI Engine to be tested by too much people more than what is connected to LiveGrid through ESET , will surely test the engine and make it more powerful because so much more additions will be sent to it.
I tried to remove the format , but it's typing like this , I don't know why..

Sometimes you upload something to VirusTotal , most of them gives you a clean result , only those who work with AI and machine learning , can give you the suspicious marking

It helps a lot , and signature based is so old school at these times , this can help the user and the company , if the company is interested for sure.

Edited February 25, 2020 by Nightowl

[Marcos 5,074]

2 hours ago, Nightowl said:

Enabling the AI Engine to be tested by too much people more than what is connected to LiveGrid through ESET , will surely test the engine and make it more powerful because so much more additions will be sent to it.

I disagree with this statement. The result would be less effective detection since VirusTotal is also used by crooks to test malware before it's released. We get samples from users who have the LiveGrid Feedback system enabled. While we get also certain samples from VirusTotal as well, the number of new samples pales in comparison with the number of new malware we receive from our users. I'd encourage everybody to keep the ESET LiveGrid Feedback enabled since it has several advantages:
- Contributes to better protection for all ESET users
- Should you get infected with new malware we can react quickly fully automatically and improve detection and cleaning
- Safeguards you from possible issues caused by specific protection features when using custom applications by distinguishing your unpopular application from new malware.

[itman 1,659]

2 hours ago, Marcos said:

The result would be less effective detection since VirusTotal is also used by crooks to test malware before it's released.

Very astute statement. 👍

On the other hand, any malware developer "worth his salt" will have all the major AV players software installed and use that to test against. As frequently commented upon, only AV engine components are installed on VT. As such, a product's full protection capability can never be known from a VT scan.

[Nightowl 202]

14 hours ago, Marcos said:

I disagree with this statement. The result would be less effective detection since VirusTotal is also used by crooks to test malware before it's released. We get samples from users who have the LiveGrid Feedback system enabled. While we get also certain samples from VirusTotal as well, the number of new samples pales in comparison with the number of new malware we receive from our users. I'd encourage everybody to keep the ESET LiveGrid Feedback enabled since it has several advantages:
- Contributes to better protection for all ESET users
- Should you get infected with new malware we can react quickly fully automatically and improve detection and cleaning
- Safeguards you from possible issues caused by specific protection features when using custom applications by distinguishing your unpopular application from new malware.

I understand the differences , and I can understand how LiveGrid is better while it's enabled on product , but I was talking about something else , about having Augur on VirusTotal

And about malware developers and if they test their things on VirusTotal or something , but one they won't upload their 0-day malicious data to make it detected , so all the evasion or hidding that he has done is gone

Even though I believe they do test their malware against AVs before they publish , so they know they can bypass/evade