Antivirus software is considered to be efficient when it produces minimum false positives. In fact, it is the most important feature that an antivirus program must possess. False positives are nothing but the virus scan results which wrongly indicate that a certain program or application is harmful or is affected by a virus. These kind of results are also harmful because the results may cause deletion of a rather useful program. Due to the false positive results, the antivirus program may also block the program or application from running smoothly on the computer. Hence, it is necessary that there are less or no false positive results.
VirusTotal Monitor mitigates the false positives
VirusTotal Monitor is a program that supports the antivirus programs. In order to empower the antivirus software and applications, VirusTotal has studied various types of malware. Hence, the program can support antivirus software to better detect the virus and not wrongly detect a program as harmful. Earlier, VirusTotal Monitor program was focused on helping the antivirus industry flag malicious files. Now, the updated version of this program helps the antivirus programs to fix mistaken detections of legit files, i.e., false positives.
How VirusTotal Monitor helps antivirus programs
As VirusTotal Monitor’s team mentions in a blog, false positives impact not only the antivirus vendors; but also the software developers and end-users.
For an antivirus vendor, flagging a popular software or application as malware may result in reputation damage. Along with it, detection of the same program as malware leads to the software being quarantined and blocked from running on end-user machines. As a result, end-users are confused whether the program has trojanized their machines since they are not able to access it like before. For a software developer, this immediately translates to blacking out in the entire user base of the detecting AV vendor. Suddenly, they not only lose revenue coming from the installed base, but also trust from less technical users that do not really understand what is going on, and they get overloaded with support tickets accusing them of infecting user machines. As a result, the software or application may sue the antivirus company for the damage.
This whole fiasco can be saved if the AV program is able to avoid false positives. And this is where VirusTotal Monitor helps the AV programs.
VirusTotal Monitor mentions,
“VirusTotal Monitor is a new service that allows software developers to upload their creations to a private cloud store in VirusTotal. Files in this private bucket are scanned with all 70+ antivirus vendors in VirusTotal on a daily basis, using the latest detection signature sets. Files also remain absolutely private, not shared with third-parties. It is only in the event of a detection that the file will be shared with the antivirus vendor producing the alert. As soon as the file is detected, both the software developer and the antivirus vendor are notified, the antivirus vendor then has access to the file and its metadata (company behind the file, software developer contact information, etc.) so that it can act on the detection and remediate it if it is indeed considered a false positive. The entire process is automatic.”
Read more about VirusTotal Monitor on this blog.
- Tags: Misc