Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 3 December, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Reliance on VirusTotal should never be a substitute for a proactive approach to security

by The Gurus
May 12, 2016
in Editor's News
Share on FacebookShare on Twitter

The decision by VirusTotal to restrict access to its service to certain companies underlines the need for businesses to proactively implement whitelist security solutions, rather than place too much faith in blacklist security. This is according to Norwegian app security provider Promon.
VirusTotal, the largest collection of industry analysis of computer viruses, announced last week that it will end unlimited ratings access to companies that do not share their own evaluations of submitted samples. This has led many experts to conclude that businesses frozen out by these new restrictions may be more exposed to hackers as a result.
However, according to Tom Lysemose Hansen, founder and CTO of Promon, the more important point to be made here is that organisations should not be relying so heavily on a service such as VirusTotal in the first place.
Hansen commented: “VirusTotal is a tool that has proven to be indispensable to many companies, and marks a triumph of collaboration between members of the cybersecurity community. But what has emerged from the decision to limit access is that many high-profile security firms rely entirely on VirusTotal’s database to keep ahead of the latest threats.
“Using a database that only contains known threats is equivalent to walking a cybersecurity tightrope, and is not an approach that should be taken by companies whose reputation is founded on technological innovation and expertise.”
Instead, Hansen believes that businesses of all sizes should do more to take charge of their own cybersecurity destiny, by demonstrating proactivity through embracing whitelist security.
He added: “With threats increasing by the day, taking such a passive approach to security just won’t cut it any more. To make data safe from intrusions, companies should be focusing on proactive security, which protects organisations from the unknown threats as well as the known ones. One way to do this is by introducing app hardening software to shield critical applications themselves, rather than by simply establishing a perimeter.
He concluded: “VirusTotal will remain a crucial tool in maintaining cybersecurity awareness. But to rely on it as the sole resource for keeping data safe is insufficient. Reputations are at stake: to keep them intact, adopting whitelist security will enable organisations to remain one step ahead, rather than one step behind.”
I asked several other security experts what they thought would be the repercussions of TotalVirus policy change. Paul Fletcher, cyber security evangelist at Alert Logic felt that active threat intelligence should always be a critical part of an organisation’s overall cyber security strategy, saying “While this policy change will have an impact on gathering intelligence information about the latest threats, it’s always a best practice to have multiple resources in this field of practice.  This is not only true because a resource (paid or free) may alter their policy, but they may also alter algorithms and/or search functionality.  Having multiple resources also helps to verify research for new and emerging malware.  This policy change will impact some organisations, but it reinforces the need for multiple options when it comes to Cyber Security Threat Intelligence.”
Rich Barger, chief intelligence officer at ThreatConnect, commented “VirusTotal is an invaluable resource and one of the de facto first stops for security researchers and practitioners worldwide.  What we are seeing playout is a clash between the old and the new, the established mainstream security vendors and the new school start-ups. VirusTotal, as this de facto monolith, finds itself in the center of the controversy. Many of the established anti-virus and endpoint community have shared scanning technologies as well as malicious files with VirusTotal, where other vendors have not, and are simply piggybacking on the detection ratios of other more established solutions and brands. It appears that VirusTotal is being very careful not to play favorites and wants to make sure that the entire security community is playing on a level playing field while maintaining their best interests as well.”
Aftab Afzal, SVP & GM EMEA at DDoS firm, NSFOCUS IB, concluded “Services like these rely the on input from their entire communities.  Security vendors have a duty of care to share their research for the greater good and, fortunately, most do. There will always be those that just take, and in some cases have little of their own to contribute.  This policy change may have some short term impact however should encourage collaborative behaviour in the longer term.”

FacebookTweetLinkedIn
ShareTweet
Previous Post

Old Android devices at risk from automatically downloaded and executed malware

Next Post

Research Points out the Concerning Lack of Device Security in the Enterprise

Recent News

Google bins inactive accounts

Google bins inactive accounts

December 1, 2023
Laptop, phone, hands

40% of Cybersecurity Departments Want More Budget to Upskill Employees

November 24, 2023
AI Receives £500 Million Funding in Finance Minister’s 2023 Autumn Statement

AI Receives £500 Million Funding in Finance Minister’s 2023 Autumn Statement

November 24, 2023
Half of Cybersecurity Professionals Kept Awake By Workload Worries

Half of Cybersecurity Professionals Kept Awake By Workload Worries

November 24, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information