Minimum Threshold for Malicious Flags on VirusTotal
What is the minimum number of IPs flagged as malicious on VirusTotal that your team has before a particular IOC is considered MALICIOUS. Can you share your reason?
Wanted shared insights because from working at different companies I have seen anywhere from 2 to 30 malicious flags before teams determine an IP (or domain, file hash, etc) is malicious. See an example from the URL below:
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+