As security threats and their complexities surge, security analysts face increased challenges, and best-in-class security tools are essential for every enterprise. Splunk’s latest integration with VirusTotal not only allows customers to access insights from VirusTotal datasets in a one-click experience, but also allows informed decisions to be made quickly and accurately.
VirusTotal is one of the most popular, close to real-time crowdsourced malware datasets. The company was launched in June 2004 and acquired by Google in September 2014. Data sources in VirusTotal include crowdsourced YARA rules, sandboxed dynamic analysis, Sigma rules acting on detonation behavior, IDS detections on network traffic, and many security vendors. VirusTotal’s latest addition to Splunkbase, VT4Splunk, provides insights and enrichments on IOCs from a single pane of glass. With VT4Splunk, customers can discover CVEs affecting events and run Splunk searches on top of IOCs from these cases. This Google-supported add-on provides native integration with the VirusTotal API from the Splunk interface, making security researchers' investigations more effective.
With over 2,800 unique apps and add-ons in Splunkbase, native integrations enable Splunk partners to reach a large set of enterprise customers worldwide and to foster innovation, enhance security practices, and cultivate resilience.
To install the free VT4Splunk add-on, log in to Splunkbase and view the step-by-step installation guide.
— Alexey Bokov, Cloud Strategist at Splunk