In order to use the Polarity - VirusTotal integration an API Key is required.
By default, the VirusTotal API only allows 4 lookups per minute. The Polarity - VirusTotal integration will automatically throttle lookups to stay below this limit.
Indicator Types - IPs, File Hashes, domains, urls
API Key - An API key is needed in order to utilize the Shodan integration. To obtain an API Key, navigate to https://virustotal.com and sign up for an account. Once you have signed up for an account, then navigate to My Account -> to view your API Key.
Show All File Scanner Results - By default the Polarity - VirusTotal integration will show all AV scanner results including results without positive detections. This option allows analysts to only see positive directions to help speed up their workflow.
Show File Hashes with No Detections - By default the Polarity - VirusTotal integration will not show file hashes that do not have any associated detections.
Show IP Addresses with No Detections - By default the Polarity - VirusTotal integration will not show file hashes that do not have any associated detections.
API Key Warning Message - By default the Polarity - VirusTotal integration will provide a warning message to analysts when the API Key has reached its limit. Analysts can easily turn this option off to better tailor their Polarity experience.
Lookup Throttle Duration - To assist in not using up a VirusTotal API Key, the Polarity integration defaults to throttling lookups for 1 minute at a time. An analyst can increase or decrease the throttling time.
Lookup Throttle Warning Message - By default the Polarity - VirusTotal integration will provide a warning message to analysts when the throttling limit has been reached. Analysts can easily turn this option off to better tailor their Polarity experience.