The power of VALKYRIE.....our beloved Goddess!

Have you seen the “Lucky You” feature in Valkyrie?
1)This shows, by checking with Virustotal, if the unknown file submitted that turned to be malware (after analysis), was detected by anyone in the AV industry at the time of submission.
2)This does the same thing, but compares a specific vendor. In the settings you can choose who your specific vendor was.
This way you can see how LUCKY you are that you switched to Comodo. Because each and every one of these that are not detected would have been a guaranteed infection

[attachment deleted by admin]

I see that, we can even select our favorite AV software. New Valkyrie is very powerfull :-TU
I will be happy if it will be integrated into CIS.
Because this Valkyrie is only for Comodo Cloud AV, “integration to CIS” is under discussion :cry:

Yes indeed this should be integrated also in CIS. :-\

Thanks for that. Finally the comodo av will have a great detection rate :P0l

Integrating Valkyrie with CIS will be an important step in the completion of CIS (for as far as it ever will be complete :wink: ). Developing of Recognisers for Viruscsope is another new horizon… 8)

Yes, maybe Virsucope more important than Valkyrie implementation. In my opinion, when offline, Viruscope is the only shield that analyze the sandboxed process. It can stop the sandboxed malicious actvity while offline.
I am looking forward to Viruscope updates more :-TU

We all know that Valkyrie is very powerful :-TU… We are waiting for integrating Valkyrie with CIS :slight_smile:

It is unclear to me how files verdicted by Valkyrie as malicious will affect the signatures database at the moment.

So, Valkyrie is fully operational now for Comodo Cloud Antivirus? How exactly does it work? I’m interested in hearing the tech and basic mechanisms behind it.

I can’t wait to give you good news about this also. Very soon…

Signature database is one defense line. Valkyrie is much different, so it will not affect the signature database, but increase overall detection rates. Once a file is verdicted, it will of course be reflected on all products.

Thank you for this question. Valkyrie is fully operational now for Comodo Cloud Antivirus, but we are also developing new features (such as “Category-based Filtering”) and they will be added.

As for how it works: when an unknown file is found, Cloud Antivirus sends the file to Valkyrie, and it returns the verdict of the file.

The way it gives the verdict is very different though. It performs various different analysis including tens of different static detections, based on file static attributes + it performs a dynamic analysis by running the application in a virtual environment and monitors its behaviors for more than 1000+ features. Then it combines all the resulting activities and find outs the malware file (or clean if it is not).

What’s the max file size that gets uploaded? Can the user change the max file size? If not, will the user be able to do so in the future? Are executable files compressed before sending? If not, will this be the case in the future?

Does CIS also send the file to valkyrie? If not, will it in the future?

So, this is sort of real-time and not like CIS analysis that take for ages (months even) after you submit/upload a file?

Yes. As per last week’s statistics: %73 of unknown files verdicts’ are returned in 46 seconds in average. And the remaining were resolved in 3 hours 40 minute.

We’ll publish these service levels on the main page of Valkyrie with the next release.

The max size on Valkyrie is 25MB. No, the user cannot change, and no plan in the future. But we’re increasing it already on Valkyrie side.

The executables are not compressed, and no, it will not be in the future (many new concerns should be addressed for this)

Why aren’t they compressed? With LZMA2 compression, even using the lowest setting yields better results than standard Deflate. You’d save tons of bandwidth, but you’d offload that on decompression load on the CPU’s on your servers. Is that the reason you guys are avoiding compression of submitted samples?

We can consider this as a new request, but the concerns should be addressed of course.

Hi fatih.orhan,

Still new malware which are detected by CIS database are not detected by Valkyrie signature based detection!, why?