Categories
Welcome Center
Education & Development
Discussions
Certification Preparation
Recent Posts
Groups
Free Resources
Ebooks
Free Workshops
Trending Certifications Infographic
Infosec Training
IT & Security Training
Live Boot Camps
Security Awareness Training
About Infosec Institute
Home
Discussions
IT & Cybersecurity
Minimum Threshold for Malicious Flags on VirusTotal
egrizzly
Hi all,
What is the minimum number of IPs flagged as malicious on VirusTotal that your team has before a particular IOC is considered MALICIOUS. Can you share your reason?
Wanted shared insights because from working at different companies I have seen anywhere from 2 to 30 malicious flags before teams determine an IP (or domain, file hash, etc) is malicious. See an example from the URL below:
VirusTotal 2 Security Vendors Flagged as Malicious
Find more posts tagged with
virustotal
malicious
flags
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
JDMurray
It's not the
number
of vendors flagging but instead
which
vendors are flagging. Pick the security vendors you trust the most (e.g., Trellix, Symantec,
Malwarebytes, PhishLabs, etc.
) and look for flags from only them.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
