Have you seen the “Lucky You” feature in Valkyrie?
1) This shows, by checking with Virustotal, if the unknown file submitted that turned out to be malware (after analysis) was detected by anyone in the AV industry at the time of submission.
2) This does the same thing, but compares a specific vendor. In the settings you can choose who your specific vendor was.
This way you can see how LUCKY you are that you switched to Comodo. Because each and every one of these that are not detected would have been a guaranteed infection.
I see that, we can even select our favorite AV software. New Valkyrie is very powerful :-TU I will be happy if it will be integrated into CIS.
Because this Valkyrie is only for Comodo Cloud AV, “integration to CIS” is under discussion
Integrating Valkyrie with CIS will be an important step in the completion of CIS (for as far as it ever will be complete). Developing Recognisers for Viruscope is another new horizon… 8)
Yes, maybe Viruscope is more important than Valkyrie implementation. In my opinion, when offline, Viruscope is the only shield that analyzes the sandboxed process. It can stop the sandboxed malicious activity while offline.
I am looking forward to Viruscope updates more :-TU
So, Valkyrie is fully operational now for Comodo Cloud Antivirus? How exactly does it work? I’m interested in hearing the tech and basic mechanisms behind it.
Signature database is one defense line. Valkyrie is much different, so it will not affect the signature database, but increase overall detection rates. Once a file is verdicted, it will of course be reflected on all products.
Thank you for this question. Valkyrie is fully operational now for Comodo Cloud Antivirus, but we are also developing new features (such as “Category-based Filtering”) and they will be added.
As for how it works: when an unknown file is found, Cloud Antivirus sends the file to Valkyrie, and it returns the verdict of the file.
The way it gives the verdict is very different though. It performs various different analyses, including tens of different static detections based on file static attributes, and it performs a dynamic analysis by running the application in a virtual environment and monitors its behaviors for more than 1000+ features. Then it combines all the resulting activities and finds out the malware file (or clean if it is not).
What’s the max file size that gets uploaded? Can the user change the max file size? If not, will the user be able to do so in the future? Are executable files compressed before sending? If not, will this be the case in the future?
Does CIS also send the file to valkyrie? If not, will it in the future?
Yes. As per last week’s statistics: 73% of unknown files’ verdicts are returned in 46 seconds on average. And the remaining were resolved in 3 hours 40 minutes.
We’ll publish these service levels on the main page of Valkyrie with the next release.
Why aren’t they compressed? With LZMA2 compression, even using the lowest setting yields better results than standard Deflate. You’d save tons of bandwidth, but you’d offload that onto decompression load on the CPUs on your servers. Is that the reason you guys are avoiding compression of submitted samples?