Skip to main content

Help us improve the Digital Marketplace - send your feedback

Brookcourt Solutions

Anti-Malware - Virus Total

VirusTotal is an industry leading tool available as an online service that allows users to analyse files and URLs for potential malware infections. It acts as a centralized platform, providing a collaborative approach to cybersecurity by leveraging the power of multiple antivirus engines and other security tools.

Features

  • Provides context around organization’s observations and logs
  • 15 years of malicious sightings to expedite investigations/discovery
  • Lightning-fast answers to profile adversaries and discover threats
  • Multi-scanning (10+ sandboxes, 20+ static-analyzers, and 70+ antivirus solutions)
  • Agnostic to file types.
  • Provides unrivalled characterization of files and network locations
  • Offers 360º coverage of unknown artifacts.
  • Helps improve security posture by identifying threats

Benefits

  • Holistic view of threats
  • VirusTotal’s simplicity supports teams with limited technical resources
  • VirusTotal benchmarks an organisations endpoint protection tools
  • Provides emerging threats insights and patterns across the cybersecurity landscape
  • Users can explore past threats and understand their evolution
  • Analyzing files/URLs, VirusTotal contributes to a collective threat-intel pool

Pricing

£24,000 a unit

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@brookcourtsolutions.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

7 8 0 2 0 3 3 8 0 5 2 0 9 8 4

Contact

Brookcourt Solutions Phil Higgins
Telephone: 01737 886111
Email: contact@brookcourtsolutions.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
N/A
System requirements
  • Avast Software (which includes VirusTotal): See below
  • Windows 11 (except Mixed Reality and IoT Edition)
  • Windows 10 (except Mobile/IoT-Edition, both 32-bit and 64-bit)
  • Windows 8/8.1 (except RT and Starter-Edition, 32-bit and 64-bit)

User support

Email or online ticketing support
Email or online ticketing
Support response times
VirusTotal will provide reasonable support to Customer for technical or operational issues
related to the Covered Service. VirusTotal will use commercially reasonable efforts to reply to Customer’s written
inquiry within 2 business days of VirusTotal’s receipt of Customer’s request.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Visit the VirusTotal Contact Us - Support page.
Provide your inquiry details, including your corporate email address and specify where you need support1.
Confirm the details and submit your request.
Web chat accessibility testing
N/A
Onsite support
No
Support levels
VirusTotal will provide reasonable support to Customer for technical or operational issues related to the Covered Service. VirusTotal will use commercially reasonable efforts to reply to Customer’s written
inquiry within 2 business days of VirusTotal’s receipt of Customer’s request
Support available to third parties
No

Onboarding and offboarding

Getting started
There is comprehensive users guides within the Virus Total "VTDoc" library.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
Virus Total is a cloud service that provides access to its portal and subsequent services based on the contract length agreed with the client. Upon termination of the contract all client data is deleted so any data should be retrieved before the termination date.
End-of-contract process
As a cloud provider the service access is disabled. customer data be exported at any point prior to subscription termination, once the subscription is terminated, VirusTotal retains uploaded files and their metadata for a limited period. The exact duration may vary, but typically, files are retained for a certain number of days (e.g., 30 days). After this period, the files are automatically deleted from the system.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • MacOS
  • Windows
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
While both mobile and desktop devices face similar security threats, user behaviour, screen size, and processing power contribute to the differences in how VirusTotal is experienced on these platforms.
Service interface
Yes
User support accessibility
None or don’t know
Description of service interface
VirusTotal provides a web-based interface that allows users to interact with their services. It can be accessed through the Virus Total Website. For more convenient scanning, users can install browser extensions: VT4Browsers for Google Chrome, Mozilla Firefox, and Microsoft Edge. These extensions allow the user to scan files and URLs directly from your browser context menu.
Accessibility standards
None or don’t know
Description of accessibility
Virus Total capability through the web interface:
- File Scanning: Upload files (up to 256 MB) for scanning. VirusTotal checks the file against multiple antivirus engines and provides a report.
- URL Scanning: Enter URLs to check if they are safe or potentially malicious.
- Search Functionality: Search for files, URLs, and domains to see their historical scan results.
- Community Contributions: Contribute to the community by scanning files and URLs.
- API Access: If you have an API key, you can use the VirusTotal API for programmatic access.
Accessibility testing
N/A
API
Yes
What users can and can't do using the API
VirusTotal API:
Upload a file for scanning: analysis your file with 70+ antivirus products, 10+ dynamic analysis sandboxes and a myriad of other security tools to produce a threat score and relevant context to understand it.
Get a file report by hash: given a {md5, sha1, sha256} hash, retrieves the pertinent analysis report including threat reputation and context produced by 70+ antivirus products, 10+ dynamic analysis sandboxes and a myriad of other security tools and datasets.
Scan URL: analysis your URL with 70+ antivirus products/blocklists and a myriad of other security tools to produce a threat score and relevant context to understand it.
Get a URL analysis report: given a URL, retrieves the pertinent analysis report including threat reputation and context produced by 70+ antivirus products/blocklists and a myriad of other security tools and datasets.
Get a domain report: given a domain, retrieves the pertinent analysis report including threat reputation and context produced by 70+ antivirus products/blocklists and a myriad of other security tools and datasets.
Get an IP address report: given an IP address, retrieves the pertinent analysis report including threat reputation and context produced by 70+ antivirus products/blocklists and a myriad of other security tools and datasets.
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
VirusTotal provides some customization options for users.:
1. User Account Settings:
o API Keys: Generate and manage API keys for programmatic access.
o Notifications: Customize email notifications for scan results, comments, and more.
o User Profile: Update your profile information and preferences.
2. Custom Scans:
o While the basic scanning process is automated, you can customize your scans by:
 Choosing Specific Engines: You can select specific antivirus engines to use during the scan.
 Adjusting Heuristics: Customize heuristics and sensitivity levels.
 Ignoring Certain Engines: Exclude specific engines from the scan if needed.
3. API Integration:
o If you’re a developer or want to automate tasks, you can use the VirusTotal API.
o Customize your interactions with VirusTotal programmatically by integrating the API into your workflows.
4. Browser Extensions:
o Install the VT4Browsers extension for Chrome, Firefox, or Edge.
o This extension allows you to scan files and URLs directly from your browser context menu.
5. Custom Scripts and Workflows:
o If you have specific requirements, you can create custom scripts or workflows that interact with VirusTotal.
o Use the API or other available tools to tailor your experience.

Scaling

Independence of resources
Virus Total are a wholly own company of Google, and is resident on Google Cloud infrastructure. Virus Total's infrastructure is scaled in such a way as to ensure resource utilisation is not an issue for Virus Total Enterprise clients.

Analytics

Service usage metrics
No

Resellers

Supplier type
Reseller (no extras)
Organisation whose services are being resold
Virus Total

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
Other locations
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Other
Other data at rest protection approach
Virus Total platforms are resident on Google cloud infrastructure, and utilise their strong and secure procedures and policies.
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
1. Malware Trends Report: Emerging Formats and Delivery Techniques:
-VirusTotal periodically releases reports on malware trends.
2. File Attributes:
-When analyzing individual files, you can find relevant basic attributes about the file and its relationship with VirusTotal. These include:
Capabilities Tags: A list of representative tags related to the file’s capabilities
Creation Date: Extracted when possible from the file’s metadata
3. VirusTotal Graph:
-VirusTotal Graph is a powerful visualization tool built on top of the VirusTotal data set. It helps investigators understand relationships between files, URLs, domains, IP addresses, and other artifacts encountered during investigations.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Virus Total Service will be available for at least 99.9% of the time
in any calendar month.
Approach to resilience
Virus Total is resident on Google Cloud Infrastructure. Google Cloud provides a Security and Resilience Framework that helps organizations ensure continuity and protect their businesses against adverse security and cyber events.
Key components of this framework include:
Risk Assessment & Critical Asset Discovery: Evaluate your organization’s IT risk, identify critical assets, and receive recommendations for improving security posture and resilience.
Secure Software Supply Chain: Protect against supply chain vulnerabilities.
Zero Trust Architecture: Transform security with a Zero Trust approach.
Autonomic Security Operations (ASO): Deliver threat management, threat hunting, and incident response.
Rapid Recovery: Bounce back from security incidents like ransomware within minutes.
Outage reporting
Virus Total uses a combination of API, email reporting and direct communications, where the service allows, to report service outages.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Company Confidential - details available through direct channels.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Ernst & Young
ISO/IEC 27001 accreditation date
25/01/24
What the ISO/IEC 27001 doesn’t cover
Note - Virus Total resides on Google Cloud. See - https://cloud.google.com/security/compliance/compliance-reports-manager#/ReportType=Certificate&ProductArea=Google_Cloud
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
Ernst and Young
CSA STAR certification level
Level 4: CSA C-STAR Assessment
What the CSA STAR doesn’t cover
See - https://cloud.google.com/security/compliance/compliance-reports-manager#/ReportType=Certificate&ProductArea=Google_Cloud
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
  • ISO/IEC 27017:2015
  • ISO/IEC 27701:2019

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes
Virus Total has comprehensive InfoSec Policies and Procedures - these include, but are not limited to: Information Classification, Handling, Appropriate Use, Encryption, Hardening, Patching/Updates, Vulnerability Management, Permitted/Prohibited OEMs, OS/Browsers, Traveling with Device, Passwords, MFA/Authentication, Administrator Accounts, On-/Off-Boarding, Destruction/Sanitization, Third-Party Vendors, Malware, Training, NDA, Removable Media, Temporary Files, IoT, Generic/Shared Accounts, Secure Coding, Physical Security, Clean Desk, InfoSec Awareness, Incident Response.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Company Confidential - details available through direct channels.
Vulnerability management type
Undisclosed
Vulnerability management approach
Company Confidential - details available through direct channels.
Protective monitoring type
Undisclosed
Protective monitoring approach
Company Confidential - details available through direct channels.
Incident management type
Undisclosed
Incident management approach
Company Confidential - details available through direct channels.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

Wellbeing

Wellbeing

VirusTotal offers a free variation of its online service that scans files and URLs for malware, viruses, and other threats. It aggregates results from various antivirus engines and provides a comprehensive analysis of potential risks associated with a given file or URL. This contributes to the well being of society as a whole.

Pricing

Price
£24,000 a unit
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Virus Total is available for use as a free service to everyone. It includes basic and meaningful Virus Total capabilities. Paid for service tiers have a great set of features.
Link to free trial
https://www.virustotal.com/gui/home/upload

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@brookcourtsolutions.com. Tell them what format you need. It will help if you say what assistive technology you use.