Code Insight: Virus Total’s Own Take on Generative AI

Let’s face it; we live in an Artificial Intelligence world now. Every single company is introducing its own AI platform/service, including the likes of OpenAI and Bing. A couple of weeks ago, Google joined the mix by creating its own AI chatbot – Google Bard. Now, in comes Virus Total with Code Insight.

Virus Total has been around for quite some time now, offering impeccable analysis of suspicious files and URLs for malicious content.

With Code Insight, what used to give us warnings about malicious programs can also provide natural language summaries of code snippets. In other words, Virus Total has become an even more efficient tool to have, and we’re going to explain everything about it below.

Code Insight: Virus Total with an AI Upgrade

As we mentioned, most tech companies around the world are implementing Artificial Intelligence in their services in hopes of providing the best outcome for customers.

Virus Total took a huge step to improve its service, and it definitely paid off. The platform has over 500,000 registered users, but it provides the malware testing feature to everyone.

But now, instead of giving general security information about the submitted files, Virus Total (With the AI function) explains their (malicious) behavior, giving the ability to identify which of them pose actual threats.

Virus Total uses over 70 antivirus scanners and domain blocklisting services to analyze the files we submit on its platform.

However, with this new AI in place, we’ll be getting so much more in terms of details, explanations, possible threats, and insight into false positives and negatives:

“Code Insight is a new feature based on Sec-PaLM, one of the generative AI models hosted on Google Cloud AI.

What sets this functionality apart is its ability to generate natural language summaries from the point of view of an AI collaborator specialized in cybersecurity and malware.

This provides security professionals and analysts with a powerful tool to figure out what the code is up to. 

At present, this new functionality is deployed to analyze a subset of PowerShell files uploaded to VirusTotal.

The system excludes files that are highly similar to those previously processed, as well as files that are excessively large.

This approach allows for the efficient use of analysis resources, ensuring that only the most relevant files (such as PS1 files) are subjected to scrutiny.

In the coming days, additional file formats will be added to the list of supported files, broadening the scope of this functionality even further.

Source: Virus Total

Of course, just like any AI-generated feature, Code Insight is not perfect. Since the platform integrates code analysis LLM model, it’s still prone to errors.

In other words, some answers might seem irrelevant or wrong. If you’re a security analyst making use of Virus Total’s newly upgraded service, we highly recommend interpreting the Code Insight-generated data while also keeping the contextual data relevant to the analyzed file in mind.

Virus Total – In with Artificial Intelligence

Code Insight is still new, and Virus Total has a long way to go in terms of refining and expanding the capabilities of this new feature.

So far, implementing AI within the platform has given it an elevated touch towards detecting and analyzing malicious programs. We’re quite sure that this is going to get even better in the near future.