03-27-2023 01:25 AM
In the Artifacts section we are not able to see the VT Score . For this we are manually copying the IP's , Hashes & viewing in the Virustotal console.
Got to know we need to configure the API key but the concern is what data does Cortex XDR submit to VT ?
only hashes , IP's or it will upload the entire file ?
What are the precautions/best practices we need to take & does Cortex submits any sensitive data to Virustotal ?
03-27-2023 06:14 AM
Cortex XDR does not upload any information to Virus Total. Cortex XDR does exactly what you do, query VT for hash, domain, ip, etc and shows you the result, if any, for each of the artifacts in the XDR incident.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!