VirusTotal v7 Plugin Update

Hello, InsightConnect automation community,

As some of you may have seen, we recently released a major version update for our VirusTotal Plugin. This update enables the plugin to start leveraging VirusTotal’s recently released v3 API, which “exposes far richer data in terms of: IoC relationships, sandbox dynamic analysis information, static information for files, YARA workloads management, crowdsourced detection details, etc,” per VirusTotal

With this API version change, you will notice some changes in the actions supported as well as changes to the output schemas of those actions. This means that if you wish to update the VirusTotal plugin in your existing workflows, you will likely need to make some follow-on changes to steps that were referencing any outputs of the old VirusTotal steps before you can update your workflow. Be mindful of this, especially in your larger workflows!

Also, note that VirusTotal has not announced any plans to deprecate their old v2 API just yet, so older versions of the plugin using that API should continue to work for the foreseeable future.

It does seem with the recent API updates that VirusTotal is moving in a direction where certain pieces of data may or may not be available depending on whether you are using the public (free) or premium (paid) API. We will continue to monitor this but it is something to be aware of if you are using the public API.

Please let us know if you have any questions or concerns!

1 Like