VirusTotal integration with the security investigation tool provides deeper insight into Chrome events

What’s changing 

You can now use VirusTotal to view deeper insights on Chrome log events in the Security Investigation Tool. This ability is already available for Gmail event logs



Who’s impacted 

Admins 


Why it’s important 

Admins can use the VirusTotal integration to view more information on Chrome log events, specifically to determine whether any content transfers via Chrome are malicious. 


Additional details 

VirusTotal provides an investigation layer on top of alerts but isn’t being used directly for detection or alerting. 


Data (file attachment hashes) is only shared to VirusTotal after the admin selects to view the VirusTotal report. No data is otherwise shared. 


VirusTotal data is shared with the broader security community. This enables security vendors to collaborate with each other, share important details, and take action to fight security threats. 


The VirusTotal report has two versions: Standard and Enhanced. The Standard version is displayed for admins who have the Security Center > VirusTotal > View report privilege, and who have one of the required Google Workspace editions. The Enhanced version is automatically displayed for paid VirusTotal subscribers who have an active virustotal.com login session with their VT Enterprise user account. Visit the Help Center for more information. 

Getting started 


Rollout pace 


Availability 

  • Available to Google Workspace Enterprise Plus, Education Standard, and Education Plus customers 
  • Not available to Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Enterprise Standard, Education Fundamentals, Frontline, and Nonprofits, as well as G Suite Basic and Business customers 

Resources