Community Blog

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

Splunk Employee

As security threats and their complexities surge, security analysts face growing challenges, and best-in-class security tools are essential for every enterprise. Splunk’s latest integration with VirusTotal not only allows customers to access insights from VirusTotal datasets in a one-click experience, but also allows informed decisions to be made quickly and accurately.

VirusTotal is one of the most popular crowdsourced malware datasets, updated in close to real time. The company was launched in June 2004 and acquired by Google in September 2014. Data sources in VirusTotal include crowdsourced YARA rules, sandboxed dynamic analysis, Sigma rules acting on detonation behavior, IDS detections on network traffic and many security vendors. VirusTotal’s latest addition to Splunkbase, VT4Splunk, provides insights and enrichments on IOCs from a single pane of glass. With VT4Splunk, customers can discover CVEs affecting events and run Splunk searches on top of IOCs from these cases. This Google-supported add-on provides native integration with the VirusTotal API from the Splunk interface, making security researchers' investigations more effective.


With over 2,800 unique apps and add-ons in Splunkbase, native integrations enable Splunk partners to reach a large set of enterprise customers worldwide and to foster innovation, enhance security practices, and cultivate resilience.

To install the free VT4Splunk add-on, log in to Splunkbase and view the step-by-step installation guide.

— Alexey Bokov, Cloud Strategist at Splunk

