VirusTotal releases AI tool that recognizes malware and explains it in readable language
Malware scanning website VirusTotal has released an artificial intelligence tool that allows security researchers to automatically analyze code for vulnerabilities. Code Insight then provides a natural language description of what the code does.
VirusTotal announced Code Insight at the RSA Security Conference. The tool runs in Google Cloud, which introduces the Security AI Workbench during RSA. Google’s platform comes with a large language model used for machine learning applications, called Sec-PaLM. VirusTotals Code Insight also uses that llm.
Code Insight can scan potentially dangerous files uploaded via VirusTotal for malware. The tool can then indicate in ‘normally readable language’ what is in the code and what the program does. The tool also indicates what certain parts of the code do. For now, the tool is only training on a small number of PowerShell files uploaded to VirusTotal, but other file formats will be added in “the coming days.” According to VirusTotal, the tool does not work with extremely large files.
According to VirusTotal, Code Insight only looks at the actual code and not at metadata or data added by antivirus software. VirusTotal says that researchers will therefore still have to verify the results so as not to draw incorrect conclusions.