How does it work?
- Hash Generation: The system generates hashes for process binary data.
- VirusTotal (VT) Query: Hashes are used to construct VT links and query the VT database.
- Link Retrieval: VT link is retrieved and displayed alongside corresponding findings.
- Risk Assessment: Quickly assess risk based on VT reputation data (e.g., benign, suspicious, malicious).
Does customers need a VirusTotal License?
VirusTotal License are not required to leverage this feature.
Are we leveraging VT data when rating the severity of the finding (ex positive match = high / critical, no match at all = low or something like that)
We are not leveraging VT data to rate the severity of the findings.