VirusTotal

Updated 1 week ago by Elvis Hovor

This document explains how to set up and use VirusTotal with TruSTAR Station.

VirusTotal inspects items with over 70 antivirus scanners and URL/domain blacklisting services, in addition to a myriad of tools to extract observables from those items.

  • Time to Install: 10 minutes
  • Type of Feed: Query-based
  • Update Frequency: 15 minutes
  • Intel Type: Premium

Data Types

The integration pulls these observables from VirusTotal:

  • IP
  • URL
  • MD5
  • SHA1
  • SHA256

Requirements

  • Membership in the VirusTotal community
  • VirusTotal API Key
TruSTAR Admin rights are required to activate this Premium Intel feed.

Getting Started

  1. Log into TruSTAR Station.
  2. Click the Marketplace icon on the left side icon list.
  3. Choose Closed Sources.
  4. Click Subscribe on the VirusTotal box.
  5. Enter your Recorded Future API key and click Save Credentials & Request Subscription.

TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.

Known Issues

No reported issues.

Please reach out to support@trustar.co if you have issues with this integration.


How Did We Do?