VirusTotal

VirusTotal is our go-to provider of file and URL analysis. The user interface is fantastic, the community is great, and the data is second to none that virus total can provide. With the current world of constant attack, having VirusTotal as a provider to assist us in investigations is absolutely needed.

• File Scanning
• URL Scanning
• Community Feedback

• Indepth analysis of security events
• Helps find risks and false positives

Microsoft Defender for Endpoint (formerly Microsoft Defender ATP), Malwarebytes, Microsoft Defender for Cloud Apps (formerly Microsoft Cloud App Security)

VirusTotal is used to analyze any suspicious files that come into the business via multiple methods - from suspected malware that may be blocked by our email filters but claimed as a false positive by users, to files that may have a suspicious name or suspicious activity. VirusTotal is an excellent additional point of defense.

• Ad-Hoc file checking
• Confirming or denying suspicious files

• Extremely useful to confirm if a file is suspicious or not

SentinelOne, OpenVPN Access Server

I have been casually using and suggesting VirusTotal for years but my company [has] now formally [started to] integrate it into our anti-phishing software which utilizes the VirusTotal API to scan potentially malicious links and attachments.

• The API functionality is a key part of our e-mail hygiene system.
• VirusTotal's multiple scan engines provides more trustworthy results over a single source scan.

• Teaching users to use VirusTotal allows for some self service and quicker turnaround for users with questions about whether links or files are "safe".
• The API integration with our anti-phishing system provides an extra degree of confidence in results vs. a single detection engine technology.

Sophos Intercept X, KnowBe4 PhishER, Tenable.io