A number of young technology security companies are losing access to the largest collection of industry analysis of computer viruses, a setback experts say will increase exposure to hackers.
The policy change at the information-sharing pioneer VirusTotal takes aim mainly at a new generation of security companies, some with valuations of $US1 billion or more, that haven't been contributing their analysis.
Older companies, some with market valuations much smaller than the upstart rivals, had pressed for the shift.
Alphabet Inc's Google runs the VirusTotal database so security professionals can share new examples of suspected malicious software and opinions on the danger they pose. On Wednesday, the 12-year-old service quietly said it would cut off unlimited ratings access to companies that do not share their own evaluations of submitted samples.
Analysts and executives at several companies said the changes will leave some services more likely to mistakenly classify legitimate software as malicious and less able to protect their customers from real threats, at least in the short term.
"If they no longer have access to VirusTotal, their detection scores will drop," said Andreas Marx, chief executive of security software evaluation firm AV-TEST. With detection rates down, hackers will find easier entry.
Some security companies rely completely on the database, essentially freeloading, said executives on both sides of the divide, and did not want to share their analysis for fear of being found out.
VirusTotal did not name any companies to be cut off. But several people familiar with the matter told Reuters the move would affect high-profile California firms Cylance Inc, Palo Alto Networks Inc and CrowdStrike Inc, as well as some smaller companies.
Cylance said it gave up access to the ratings two weeks ago after deciding not to share its technology. Chief research officer Jon Miller said Cylance had not suffered but that others had.
"Many next-generation products are simply not functioning right now," he said, declining to say which. )
He said the loss of VirusTotal could help spur the companies to invest in their own innovation to catch) viruses.
Asked whether it had been kicked off the service, Palo Alto said only that it had not been relying on the VirusTotal peer determinations and expected "no impact" on customers.
CrowdStrike said it was negotiating with VirusTotal and had not been cut off by Saturday.
"We support the mission of VirusTotal and have reached out to them to explore additional ways we can collaborate for the benefit of the entire security community," the company wrote in an emailed statement.
VirusTotal gets about 400,000 submissions of potentially dangerous files daily, mostly from old-guard antivirus companies like Symantec Corp, Intel Corp and Trend Micro Inc which sit on the most machines.
"It was never meant to enable new companies to use it as a shortcut by silently relying on, and benefiting from, the service without a corresponding investment," said Trend Micro chief technology officer Raimund Genes.
Share
