vtenterprise – WindowsTechs.com

Pipelining VT Intelligence searches and sandbox report lookups via APIv3 to automatically generate indicators of compromise

Posted on November 6, 2019 by Emiliano Martinez

TL;DR: VirusTotal APIv3 includes an endpoint to retrieve all the dynamic analysis reports for a given file. This article showcases programmatic retrieval of sandbox behaviour reports in order to produce indicators of compromise that you can use to pow… Continue reading Pipelining VT Intelligence searches and sandbox report lookups via APIv3 to automatically generate indicators of compromise→

Test your YARA rules against a collection of goodware before releasing them in production

Posted on October 28, 2019 by Emiliano Martinez

The rising tide of malware threats has created an arms race in security tool accumulation, this has led to alarm fatigue in terms of noisy alerts and false positives. The last thing you need is more false alarms coming from buggy or suboptimal YARA rul… Continue reading Test your YARA rules against a collection of goodware before releasing them in production→