Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 3 December, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Lastline – Virus Total is good, but industry needs something better

by The Gurus
October 7, 2014
in Editor's News
Share on FacebookShare on Twitter

Virus Total has been described as a useful tool, but the industry needs something better.
 
Talking to IT Security Guru, Giovanni Vigna, co-founder and CTO of Lastline, said that it has run malware on Virus Total which is “the wrong tool in a way and sometimes people get upset when people run tests on it, but it is the only one we have”.
 
Asked if he felt that something could replace it, Vigna said that Virus Total is “a fantastic tool”, but said that the industry needs something better as the tools that run in Virus Total are just normal anti-virus.
 
He said: “I think that this is something that the security community has already acknowledged and the anti-virus companies know that we need to go beyond static signatures and we need dynamic data and dynamic execution to work with.”
 
Jaime Blasco, director of AlienVault labs, praised Virus Total as “a great tool for researchers” as it lets you easily explore certain pieces of malware and obtain new information when you are investigating a certain incident or malware family.
 
He said: “The Virus Total team has done a great job (the company was started in Spain like us) and Google bought them a few years ago. The problem when you use Virus Total as a tool to ‘compare’ anti-virus solutions, the engines that they use usually work in ’static mode’, meaning that they only analyse the file itself.
 
“The problem is anti-virus usually has more features that can only be tested when they are running in real environments, such as behavioural analysis or when it comes to exploit detection, they use heuristics that can only be applied in a real environment.”
 
Mark Osborn, senior security consultant at MWR InfoSecurity, said: “We believe Virus Total isn’t ‘broken’, it’s just a tool; and as a tool to provide information, it works extremely well. In fact, other tools are also hooking into it and providing extra value.
 
“Virus Total does, however, go right to the heart of the anti-virus problem: there is no asymmetry between attacker and defender – both parties have access to the same information and this will always result in an advantage to the attacker.”
 
Luis Corrons, technical director of PandaLabs at Panda Security, also defended Virus Total, saying it was not the industry as a whole who built Virus Total, instead it was a company that had a brilliant idea and decided to give it a try.
 
“If Lastline had better ideas I am sure they could start a new project covering this, or they could even talk to Virus Total (or other companies offering similar services) and tell them their ideas to see if they can be implemented,” he said.
 
Osborn said: “If a Virus Total alternative existed, which only defenders had access to, then this would be of much more value to the defenders. This is the main reason behind our recent release of a new service which may go some way to tipping the balance in favour of network defenders tackling the threat of advanced malware.”

FacebookTweetLinkedIn
Tags: Anti-VirusGoogleLastlineToolVirus Total
ShareTweet
Previous Post

Lawyer and accountant cyber training initiative launched

Next Post

Humans can’t be patched, so integrate IT security at board level

Recent News

Google bins inactive accounts

Google bins inactive accounts

December 1, 2023
Laptop, phone, hands

40% of Cybersecurity Departments Want More Budget to Upskill Employees

November 24, 2023
AI Receives £500 Million Funding in Finance Minister’s 2023 Autumn Statement

AI Receives £500 Million Funding in Finance Minister’s 2023 Autumn Statement

November 24, 2023
Half of Cybersecurity Professionals Kept Awake By Workload Worries

Half of Cybersecurity Professionals Kept Awake By Workload Worries

November 24, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information