VirusTotal, a subsidiary of Google, is a free online service that analyzes files and URLs enabling the identification of viruses, worms, trojans and other kinds of malicious content detected by antivirus engines and website scanners. At the same time, it may be used as a means to detect false positives, i.e. innocuous resources detected as malicious by one or more scanners. As part of their “trusted source” initiative, they are approaching software vendors to share their software catalogue with them,
These files are then marked accordingly at VirusTotal and whenever an antivirus solution (mistakenly) detects them, we notify the pertinent vendor, allowing them to quickly correct the false positive. Additionally, when files get distributed to antivirus vendors, they are tagged so that potential erroneous flags can be ignored, preventing a snowball effect with detection ratios.
The first company they approached was Microsoft and Microsoft shared their metadata info.
We have been working on this for just one week and with just one company, Microsoft, yet results look very promising: over 6000 false positives have been fixed. We would like to extend a big thank you to the Microsoft team for sharing metadata about its software collection and to the antivirus industry as a whole for the false positives remediation.
It’s good to see two fierce competitors cooperating on things which will improve the experience of millions of consumers.