The Invincea and CrowdStrike engines joined the Google malware scanning platform, VirusTotal, last week.
Now, as part of the next-generation anti-malware products, they both are using machine learning algorithms to analyze network activity and behavior in order to detect malware threats.
Considering how the anti-virus marked has changed in the last three months, due to an announcement Google made in May this year, this news is really important.
On May 4th, the API access rules on the VirusTotal blog were changed. All security firms using the VirusTotal API to scan shady-looking files and presenting the results to their clients as they would be a real anti-virus, were kicked out by Google.
Since then, access to the full VirusTotal API had only companies, whose products were listed in its scanning service. This meant that a lot of next-gen anti-malware products, relying on machine learning algorithms, were left out because they were using VirusTotal to confirm their findings.
Security vendors with standard signature-based products were more than happy about Google`s decision, as many of them had already complained about the new wave of anti-malware products, which were stealing their job. The next-gen products were integrating the VirusTotal API as part of them, but then participating in huge and aggressive marketing campaigns against old antivirus vendors, disgracing their credibility.
However, Google left the door open for next-gen anti-malware products. The company said that any security vendor can integrate their product in VirusTotal and have access to the full API. They can do this as long as they become members of the Anti-Malware Testing Standards Organization (AMTSO) and provide data back to the community.
On August 25th, AMTSO welcomed its very first next-gen anti-malware vendor, CrowdStrike, and its product, Falcon (ML), was the first to join VirusTotal.
Only one day after CrowdStrike, Invincea joined AMTSO and VirusTotal as well. Invincea`s product, called X, was started using US DARPA funding.
