A number of young technology security companies are losing access to the largest collection of industry analysis of computer viruses, a setback industry experts say will increase exposure to hackers.
A number of young technology security companies are losing access to the largest collection of industry analysis of computer viruses, a setback industry experts say will increase exposure to hackers.
The policy change at the information-sharing pioneer VirusTotal takes aim mainly at a new generation of security companies, some with valuations of $1 billion or more, that haven’t been contributing their analysis. Older companies, some with market valuations much smaller than the upstart rivals, had pressed for the shift.
Alphabet Inc’s Google runs the VirusTotal database so security professionals can share new examples of suspected malicious software and opinions on the danger they pose. On Wednesday, the 12-year-old service quietly said it would cut off unlimited ratings access to companies that do not share their own evaluations of submitted samples.
Analysts and executives at several companies said the changes will leave some services more likely to mistakenly classify legitimate software as malicious and less able to protect their customers from real threats, at least in the short term.
“If they no longer have access to VirusTotal, their detection scores will drop,” said Andreas Marx, chief executive of security software evaluation firm AV-TEST. With detection rates down, hackers will find easier entry.
Some security companies rely completely on the database, essentially freeloading, said executives on both sides of the divide, and did not want to share their analysis for fear of being found out.
VirusTotal did not name any companies to be cut off. But several people familiar with the matter told Reuters the move would affect high-profile California firms Cylance Inc, Palo Alto Networks Inc and CrowdStrike Inc, as well as some smaller companies.
