SweX 871 Posted May 8, 2016 Share Posted May 8, 2016 Maintaining a healthy community VirusTotal was born 12 years ago as a collaborative service to promote the exchange of information and strengthen security on the internet. The initial idea was very basic: anyone could send a suspicious file and in return receive a report with multiple antivirus scanner results. In exchange, antivirus companies received new malware samples to improve protections for their users. The gears worked thanks to the collaboration of antivirus companies and the support of an amazing community. This is an ecosystem where everyone contributes, everyone benefits, and we work together to improve internet security. For this ecosystem to work, everyone who benefits from the community also needs to give back to the community, so we are introducing a few new policies to make sure that our community continues to work for years into the future. First, a revised default policy to prevent possible cases of abuse and increase the health of our ecosystem: all scanning companies will now be required to integrate their detection scanner in the public VT interface, in order to be eligible to receive antivirus results as part of their VirusTotal API services. Additionally, new scanners joining the community will need to prove a certification and/or independent reviews from security testers according to best practices of Anti-Malware Testing Standards Organization (AMTSO)..... hxxp://blog.virustotal.com/2016/05/maintaining-healthy-community.html Link to comment Share on other sites More sharing options...
SweX 871 Posted May 8, 2016 Author Share Posted May 8, 2016 Software security suffers as upstarts lose access to virus data Alphabet Inc's Google runs the VirusTotal database so security professionals can share new examples of suspected malicious software and opinions on the danger they pose. On Wednesday, the 12-year-old service quietly said it would cut off unlimited ratings access to companies that do not share their own evaluations of submitted samples. Some security companies rely completely on the database, essentially freeloading, said executives on both sides of the divide, and did not want to share their analysis for fear of being found out. VirusTotal did not name any companies to be cut off. But several people familiar with the matter told Reuters the move would affect high-profile California firms Cylance Inc, Palo Alto Networks Inc and CrowdStrike Inc, as well as some smaller companies. Cylance said it gave up access to the ratings two weeks ago after deciding not to share its technology. Chief Research Officer Jon Miller said Cylance had not suffered but that others had. "Many next-generation products are simply not functioning right now," he said, declining to say which. He said the loss of VirusTotal could help spur the companies to invest in their own innovation to catch viruses. VirusTotal gets about 400,000 submissions of potentially dangerous files daily, mostly from old-guard antivirus companies like Symantec Corp, Intel Corp and Trend Micro Inc which sit on the most machines. “It was never meant to enable new companies to use it as a shortcut by silently relying on, and benefitting from, the service without a corresponding investment,” said Trend Micro Chief Technology Officer Raimund Genes, one of many old-line tech executives who pushed for the shift. hxxp://www.reuters.com/article/us-cybersecurity-sharing-virustotal-anal-idUSKCN0XY0R4 Research & Development is expensive but essential to keep product development going. So relying on other companies R&D without giving something back is not okey. So much for the so called "next-generation" products. Link to comment Share on other sites More sharing options...
Recommended Posts