SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
CrowdStrike brings the power of signature-less machine learning to VirusTotal
Mon, 29th Aug 2016

CrowdStrike has delivered the first signature-less machine learning engine to be incorporated into VirusTotal's malware scanning service, which will allow users to get more information about detected malware samples.

VirusTotal is a Google subsidiary that analyses files and URLs for free to protect against viruses, trojans, worms and other cyber threats.

CrowdStrike has been an active member in the VirusTotal community, and the latest evolution in security learning is a step in the right direction for the company.

“CrowdStrike is proud to support the VirusTotal mission and to be the first next-generation endpoint security vendor to contribute its engine to the community. Advanced prevention is a critical component of CrowdStrike's endpoint protection platform and innovative approach that unifies next-gen AV with EDR and managed hunting,” says Dmitri Alperovitch, CrowdStrike co-founder and chief technology officer.

Rather than subjecting a malware sample to a normal pass-fail routine, the new machine learning engine uses a confidence level and does not need signatures, so even threats currently unknown to the cybersecurity industry can be detected.

As a result, VirusTotal provides additional insight about suspected threats. The company says the machine learning engine received 100% efficacy and 0% false positive scores on its Independent Antivirus Certification by SE Labs.

“CrowdStrike shows the broader security community they place value in being an active contributor to security practitioners within their products and services and through partnerships like this one. They keep the benefits of VirusTotal's visibility and VirusTotal users get the benefit of using an advanced detection engine. For other security vendors, the clock is now ticking to show their ability to execute by enabling their products to work with VirusTotal as well as their overall commitment to the security community at large,” says Jeff Pollard, principal analyst at Forrester.

CrowdStrike's Falcon platform also uses an 'innovative' approach to endpoint detection across more than 170 countries. The company believes it is setting a good example for other cybersecurity providers.

“CrowdStrike customers rely on Falcon Host for AV protection every day and we are looking forward to contributing our technology for the benefit of the community and end-users. We hope that our commitment to openness inspires other vendors to follow suit,” Alperovitch concludes.