
CrowdStrike brings the power of signature-less machine learning to VirusTotal

29 Aug 2016

CrowdStrike has delivered the first signature-less machine learning engine to be incorporated into VirusTotal's malware scanning service, which will allow users to get more information about detected malware samples.

VirusTotal is a Google subsidiary that analyses files and URLs for free to protect against viruses, trojans, worms and other cyber threats.

CrowdStrike has been an active member in the VirusTotal community, and the latest evolution in security learning is a step in the right direction for the company.

“CrowdStrike is proud to support the VirusTotal mission and to be the first next-generation endpoint security vendor to contribute its engine to the community. Advanced prevention is a critical component of CrowdStrike’s endpoint protection platform and innovative approach that unifies next-gen AV with EDR and managed hunting,” says Dmitri Alperovitch, CrowdStrike co-founder and chief technology officer.

Instead of subjecting a malware sample to a normal pass-fail routine, the new machine learning engine uses a confidence level and does not need signatures, so even threats currently unknown to the cybersecurity industry can be detected.

As a result, VirusTotal provides additional insight about suspected threats. The company says the machine learning engine received scores of 100% efficacy and 0% false positives in its Independent Antivirus Certification by SE Labs.

“CrowdStrike shows the broader security community they place value in being an active contributor to security practitioners within their products and services and through partnerships like this one. They keep the benefits of VirusTotal's visibility and VirusTotal users get the benefit of using an advanced detection engine. For other security vendors, the clock is now ticking to show their ability to execute by enabling their products to work with VirusTotal as well as their overall commitment to the security community at large,” says Jeff Pollard, principal analyst at Forrester.

CrowdStrike's Falcon platform also uses an 'innovative' approach to endpoint detection across more than 170 countries. The company believes it is setting a good example for other cybersecurity providers.

“CrowdStrike customers rely on Falcon Host for AV protection every day and we are looking forward to contributing our technology for the benefit of the community and end-users. We hope that our commitment to openness inspires other vendors to follow suit,” Alperovitch concludes.
