August 28, 2016
Google announced last week that it was adding two new engines, CrowdStrike and Invincea, to its malware scanning platform VirusTotal.
Both are part of the new wave of next-gen anti-malware products that rely on machine learning algorithms to analyze behavior and network activity in order to detect anomalies and flag malware.
The news is of great importance if we take a look at how a Google announcement from May has changed the antivirus market in the last three months.
Google kicked out VirusTotal freeloaders in May
On May 4, Google published new API access rules on the VirusTotal blog. Google kicked out all security companies that were using VirusTotal’s API to scan suspicious files and present the results to their clients, as they would be a real antivirus.
Google limited access to the full VirusTotal API only for companies that had a product listed in its scanning service. This meant that many next-gen anti-malware products that used machine learning algorithms were left out in the cold because they used VirusTotal to confirm their findings.
Vendors of classic signature-based products welcomed the move. Most of them had complained to Google about next-gen anti-malware products who pilfered their work, integrated the VirusTotal API as part of their products, but then engaged in aggressive marketing campaigns against old antivirus vendors, trying to discredit their credibility. You can see the irony for yourself and why Google felt the need to make this move.