Minimum Threshold for Malicious Flags on VirusTotal

egrizzlyegrizzly Member Posts: 533 ■■■■■□□□□□
Hi all,

What is the minimum number of IPs flagged as malicious on VirusTotal that your team has before a particular IOC is considered MALICIOUS. Can you share your reason?

Wanted shared insights because from working at different companies I have seen anywhere from 2 to 30 malicious flags before teams determine an IP (or domain, file hash, etc) is malicious.  See an example from the URL below:

B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+


Sign In or Register to comment.