Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Hits in Watchlists, feeds or queries for old VirusTotal Threat feed reports

Hits in Watchlists, feeds or queries for old VirusTotal Threat feed reports

Environment

  • Response 6.x and 5.3.x

Symptoms

  • Getting hits in Watchlists, feeds or queries for old VirusTotal reports

Cause

This is expected behavior not that the VirusTotal feed was deprecated in Cb Response and the feed is no longer updates via the CDC.

Resolution

  1. Enable the Cb Reputation Threat feed, instructions on page 253 of the user's guide:
  2. Replace all instances of alliance_score_virustotal: in wachlists, custom feeds and saved queries with alliance_score_srsthreat:

Related Content

A full explanation of the VirusTotal feed deprecation can be found here: [Complete ] VirusTotal Threat Feed in Cb Response is being deprecated in favor of the Cb Reputation ...

Labels (1)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎02-19-2018
Views:
578
Contributors