Container Threat Detection (KTD) - VirusTotal-Hash Links

How does it work?

  • Hash Generation: The system generates hashes for process binary data.
  • VirusTotal (VT) Query: Hashes are used to construct VT links and query the VT database.
  • Link Retrieval: The VT link is retrieved and displayed alongside the corresponding findings.
  • Risk Assessment: Quickly assess risk based on VT reputation data (e.g., benign, suspicious, malicious).
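
To cross-check a link shown on a finding, the hash-to-link step can be reproduced by hand on the same binary. This is an added example, not the product's own code: it assumes SHA-256 as the hash and the public VirusTotal file report URL pattern, and all function names are hypothetical.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Assumption: public VirusTotal file report page, keyed by SHA-256.
VT_FILE_URL = "https://www.virustotal.com/gui/file/{digest}"
SHA256_RE = re.compile(r"[0-9a-f]{64}")


def sha256_of_binary(path, chunk_size=1 << 20):
    """Stream the file in chunks so large binaries are never fully in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def vt_link(digest):
    """Build the report link, rejecting anything that is not a SHA-256 digest."""
    digest = digest.strip().lower()
    if not SHA256_RE.fullmatch(digest):
        raise ValueError("not a SHA-256 hex digest")
    return VT_FILE_URL.format(digest=digest)


def vt_link_for_process(pid):
    """Hash the executable backing a running Linux process via /proc/<pid>/exe."""
    return vt_link(sha256_of_binary(f"/proc/{pid}/exe"))


def demo():
    """Run the hash-and-link steps on a constructed sample file."""
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(b"constructed sample binary\n")
    try:
        return vt_link(sha256_of_binary(tmp.name))
    finally:
        Path(tmp.name).unlink()


if __name__ == "__main__":
    print(demo())
```

Reading `/proc/<pid>/exe` must happen inside the container's PID namespace or from the node with sufficient privileges, and only while the process is still running.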


Do customers need a VirusTotal license?
A VirusTotal license is not required to leverage this feature.

Are we leveraging VT data when rating the severity of the finding (e.g., positive match = high/critical, no match at all = low, or something like that)?
We are not leveraging VT data to rate the severity of the findings. 
