A new code analysis tool called Code Insight, powered by artificial intelligence was launched, according to VirusTotal, on Monday.
The new functionality is driven by the Sec-PaLM large language model (LLM), which is specially tailored for security use cases, and is part of the Google Cloud Security AI Workbench, which was unveiled at the RSA Conference 2023.
In order to understand their (malicious) behavior, possibly hazardous files are analyzed by VirusTotal Code Insight, which makes it easier to determine which of them actually constitute a threat.
This new functionality is now being used to examine a portion of the PowerShell files uploaded to VirusTotal. According to Bernardo Quintero, the founder of VirusTotal, the system eliminates files that are strikingly identical to those that have already been examined as well as ones that are too huge.
Since only the file’s content is being evaluated, Code Insight’s analysis is completely independent of any accompanying metadata (such as antivirus results), which can help with understanding false positives and negatives.
It’s also critical to remember that the accuracy of the code analysis LLM model might vary and is subject to inaccuracies. Security analysts should therefore interpret the information produced by Code Insight while taking into account contextual information pertinent to the analyzed file.
Quintero pointed out that despite this, the addition of LLMs to the suite of code analysis tools is a significant development that enables security experts to learn invaluable information about the composition and behavior of potentially harmful code, enhancing the effectiveness of threat detection and response.