Introducing VT4Splunk – The official VirusTotal App for Splunk
Virus Total Blog – Daniel Pascual
TL;DR: VT4Splunk, VirusTotalâs official Splunk plugin, correlates your telemetry with VirusTotal context to automate triage, expedite investigations and unearth threats dwelling undetected in your environment. This extends Splunkâs own VirusTotal plugin for their SOAR. Next March 30th we will host a webinar along with Splunk to show how to do security investigations with Splunk and VirusTotal. Register here!

VirusTotal had Splunk plugins for a while, most of theme developed by community contributors and other 3rd-parties. For instance, VirusTotalâs plugin for Splunk SOAR, which ranks #1 in the Threat Intelligence Reputation space is developed by our friends over at Splunk, and we highly recommend it.

However, we wanted to truly showcase what VirusTotal can do for your SIEM and VT4Splunk v1 is our proposed solutions. It is free and you can download it from Splunkbase. It is compatible with Splunk +8.x Enterprise and Cloud versions. In a nutshell, VT4Splunk automatically enriches your Splunk logs with threat intelligence coming from VirusTotal, to gain superior visibility and understanding. Letâs dive into specific use cases and outcomes.
Link: https://blog.virustotal.com/2023/03/introducing-vt4splunk-official.html