Get in Touch with Security Vendors: Your Guide to Contacting VirusTotal and Beyond
BY Dewacorp Support
29 March 2023
As we wrote this blog – Managing the Aftermath of a Web Phishing Attack: Strategies from Detection to Last Vendor False Positive Cleared (see the link below), we then created an extended blog dedicated to how to contact the security vendor for VirusTotal and Non-VirusTotal vendors. This list might grow, especially for the Non-VirusTotal list.
VirusTotal and other 85+ Security Vendors
VirusTotal only aggregates data from a variety of vendors. They produce no verdicts, so they can’t modify these results. They are not intended to be an authoritative reputation engine but rather provide intelligence and context to users so that the user can make the best decision. 1/60 and even 5/60 doesn’t automatically mean “Bad”, and 0/60 doesn’t always mean good. Each decision on whether something is malicious ultimately the responsibility of users or the security vendors who use the data to improve their services.
Below are the steps to take if you want to fix a false positive report.
If the false positive is for a File or a URL, try re-scanning first.
If the false positive persists, please contact the vendor, providing a link to the Virustotal report. A list of vendor contacts can be found in the table below.
If you do reach out to VirusTotal, we will tell you to contact the vendors, as we cannot modify any results of scans.
VirusTotal caches some URL results. If vendors have confirmed removal, but a URL is still detecting, please reach out to us along with evidence that the vendor has removed their URL from the blacklist, as they may be able to speed up propagation.