FireEye Stories Blog

FireEye Integrates Malware Protection Engine in VirusTotal

We are excited to announce the integration of FireEye's malware prevention engine into VirusTotal.

VirusTotal, a Chronicle product, is a free online service that aggregates many anti-malware products and other scanning engines to check for malware and malicious content. The submission of files, URLs, domains, etc. to VirusTotal helps to raise global cyber security understanding.

FireEye's mission is to relentlessly protect our customers with innovative technology and expertise learned from the front lines of cyber attacks. MalwareGuard is a prime example of the FireEye Innovation Cycle where both data and in-depth attacker knowledge went in to its creation. The machine learning model is trained with both public and private data sources, including data gathered from over 17 million endpoint agents, attack analyses based on more than one million hours spent responding to attacks to date, over 200,000 consulting hours every year, and adversarial intelligence collected from a global and multilingual network of analysts.

A distinctive aspect of the FireEye engine in VirusTotal is the combination of a traditional signature-based detection in conjunction with machine learning. The signature-based engine is very effective across known malicious file types while the machine learning engine, MalwareGuard, is focused on unknown and advanced threats. Together, the two engines provide comprehensive coverage across a diverse set of threats.

Using a combination of malware prevention engines, FireEye achieved AV-Comparatives Approved Business Security 2018 certification and was the only next-gen machine learning based scanner with zero false positives.

To learn more about what makes our machine learning approach unique, see our MalwareGuard post and deep learning post, which provide more technical details courtesy of FireEye’s Data Science team.