No more typing reviews! Try our Samantha, our new voice AI agent.
VirusTotal Logo

VirusTotal Reviews

Vendor: VirusTotal
4.4 out of 5
Leave a review

What is VirusTotal?

VirusTotal integrates over 70 antivirus scanners and provides advanced malware detection and threat intelligence. This powerful tool analyzes files, IPs, and URLs, offering insights into malicious behavior through its vast worldwide malware database and automation capabilities.

Get the Anti-Malware Tools Buyer's Guide and find out what your peers are saying about VirusTotal, CrowdStrike Falcon, Microsoft Defender for Endpoint and more!
VirusTotal is the #4 ranked solution in top Anti-Malware Tools and top Threat Intelligence Platforms. PeerSpot users give VirusTotal an average rating of 8.8 out of 10. VirusTotal is most commonly compared to CrowdStrike Falcon: VirusTotal vs CrowdStrike Falcon. VirusTotal is popular among the large enterprise segment, accounting for 51% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 13% of all views.
Buyer's Guide
Anti-Malware Tools
April 2026
Get the category report
Helped 892,383 peers since 2012

Featured VirusTotal reviews

Read more reviews

VirusTotal mindshare

Product category:
Anti-Malware Tools
As of April 2026, the mindshare of VirusTotal in the Anti-Malware Tools category stands at 3.0%, down from 5.0% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Anti-Malware Tools Mindshare Distribution
ProductMindshare (%)
VirusTotal3.0%
Microsoft Defender for Endpoint6.9%
F-Secure Total2.9%
Other87.2%
Anti-Malware Tools
 
 
Key learnings from peers

Valuable Features

VirusTotal's worldwide malware database is highly valuable, offering malware detection, IP reputation checks, and URL analysis. Its API systems enable automation, while its community feature provides threat intelligence. Users appreciate the ability to analyze large files with various sandboxes, access detailed malware insights, and identify file signatures for threat detection. Google’s development enhances efficiency. Accurate information is provided, including multi-scanner integration and comprehensive threat data, aiding in avoiding false positives and understanding malicious behaviors.
  • "I have never had any problems with stability or bugs while using VirusTotal."
  • "VirusTotal provides 95% to 98% accurate information."
  • "VirusTotal provides 95% to 98% accurate information."

Room for Improvement

VirusTotal requires enhancements in its user interface and automation features and needs clearer query and API documentation. It lacks advanced AI integration compared to competitors and should improve threat detection by strengthening internal domain protection. False positives need reduction and its API needs more support. Enhanced threat intelligence correlation, better threat telemetry, clearer score accuracy, more affordable licensing options, and increased promotion in the Middle East are also suggested improvements.
  • "They can improve the telemetry. Whenever we handle a sample, they cannot provide any information about a victim."
  • "I would like to see improvements in the score consistency and accuracy."
  • "I would like to see improvements in the score consistency and accuracy."

ROI

The ROI from VirusTotal is positive.

Pricing

Many users find VirusTotal pricing reasonable, often seeing it as a worthwhile investment despite some considering it expensive. Several noted economical aspects, especially when negotiating costs. Expenses are usage-dependent, with options like free trials and licenses to explore. Enterprises utilize strategies such as managing free licenses across multiple accounts to minimize costs. Engaging with VirusTotal for a custom setup is encouraged to tailor pricing to specific requirements.
  • "We are using VirusTotal with free licenses, managing the license limits across three or four accounts, thus incurring no costs."
  • "The pricing is reasonable."
  • "VirusTotal is an expensive solution."

Popular Use Cases

Users employ VirusTotal for malware analysis, cybersecurity forensic cases, and data leak investigations. They monitor malicious campaigns using IOCs and YARA rules. The API helps in determining IP address threats, analyzing file hashes, URLs, and detecting phishing. Users integrate VirusTotal in productions for security intelligence, analyzing suspicious files, checking URLs, and investigating security alerts in incident response processes to ensure file and link integrity. It is essential for sectors like retail and FinTech.

Service and Support

VirusTotal's customer service and support receive mixed feedback. Some users find their technical support active and effective, while others are dissatisfied with response times and structural organization. Communication is primarily through support emails, and phone support may not always work. Subscription plans determine the level of support. Customized packages are available, and technical support ratings are often high, though some licensing processes may experience delays. Many rely on the platform's comprehensive information for assistance.

Deployment

Users found VirusTotal's initial setup mostly straightforward and easy. Integration with APIs was simple for many, though some found clarity lacking in APIs. The process varied based on API use for websites, apps, or systems. Guidance from VirusTotal's user manual and support was helpful. The setup involved three days to a week and required minimal personnel. Web-based access was seamless, though cybersecurity knowledge influenced difficulty levels for some users.

Scalability

VirusTotal's scalability receives mixed assessments. Organizations note the ability to integrate with tools and APIs, supporting its scalability while being quota-dependent. Users found limitations with the free version regarding file size and batch scanning capabilities. Some report no significant scalability limitations, whereas others highlight room for improvement, particularly concerning quota restrictions when processing numerous URLs. It remains suitable but not extensively tested in very large environments.

Stability

VirusTotal is praised for its remarkable stability. Users consistently find it reliable, with minimal issues related to performance or stability. While some mention occasional non-responsiveness or minor glitches, most attest to its consistent availability without breakdowns. The system maintains steady signatures and decisions, not easily swayed by public input, ensuring a reliable experience. Many users have not encountered stability problems or bugs, indicating VirusTotal’s robust and dependable performance.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Anti-Malware Tools Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company SizeCount
Small Business4
Midsize Enterprise2
Large Enterprise4
By reviewers
By visitors reading reviews
Company SizeCount
Small Business192
Midsize Enterprise129
Large Enterprise335
By visitors reading reviews

Top industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
11%
Comms Service Provider
8%
University
7%
Manufacturing Company
7%
Government
7%
Healthcare Company
5%
Educational Organization
4%
Retailer
4%
Insurance Company
3%
Outsourcing Company
3%
Legal Firm
3%
Construction Company
3%
Media Company
3%
Performing Arts
2%
Real Estate/Law Firm
2%
Energy/Utilities Company
2%
Wholesaler/Distributor
2%
Hospitality Company
2%
Non Profit
1%
Recreational Facilities/Services Company
1%
Pharma/Biotech Company
1%
Leisure / Travel Company
1%
Wellness & Fitness Company
1%
Logistics Company
1%
Transportation Company
1%
Consumer Goods Company
1%
Engineering Company
1%

Compare VirusTotal with alternative products

Go!

Learn more about VirusTotal

VirusTotal is utilized to explore malicious activities, providing detailed analysis of files and URLs for potential threats. Security professionals appreciate its capabilities for identifying data leaks, checking suspicious IPs, and investigating compromised information. Automation through API systems enables reputational checks for IPs, hashes, and URIs. The platform is valued for its efficient search algorithm and large file analysis capacity but can improve on advanced AI, API capabilities, and integration. User feedback indicates a need for better false positive handling, better documentation, and enhanced interface. Despite its strengths, VirusTotal's visibility is limited in certain markets, such as the Middle East.

What are VirusTotal's key features?
  • Malware Detection: Integration with 70+ scanners provides comprehensive protection.
  • File, IP, URL Analysis: Detailed insights into potential threats and malicious behavior.
  • MD5/SHA-256 Visibility: Useful for checking file legitimacy and identifying compromised files.
  • API Systems: Enables automation for reputation checks and security processes.
What benefits should users expect from VirusTotal?
  • Accurate Analysis: Reliable threat detection from a vast malware database.
  • Time Efficiency: Automation capabilities streamline security operations.
  • Comprehensive Threat Intelligence: Detailed threat insights aid in incident response.
  • Large File Handling: Capability to process extensive data and files.

VirusTotal finds implementation in security operations across industries, aiding in monitoring malicious activity, data leak investigations, and malware research. Organizations integrate it for robust security intelligence, leveraging it in incident response efforts and enhancing overall threat analysis infrastructure.

Related questions

  • 255
What are the threats associated with using ‘bogus’ cybersecurity tools?
  • 174
What to choose: an endpoint antivirus, an EDR solution or both?
  • 258
Do we need to use both EDR and Antivirus (AV) solutions for better protection of IT assets?
  • 184
Looking for alternatives to Symantec Cloud Protection Engine
  • 123
Who provides a better antivirus solution: Bitdefender or Sophos?
  • 113
Which antivirus is best for isolated work PCs?
  • 107
How do you identify malware?
  • 184
Why are Anti-Malware Tools important for companies?
  • 101
When evaluating Antimalware Tools, what aspect do you think is the most important to look for?
  • 161
When evaluating Anti-Malware Tools, what aspect do you think is the most important to look for?

Product Categories

Product Categories
Anti-Malware Tools
Threat Intelligence Platforms (TIP)

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs VirusTotal Logo
CrowdStrike Falcon vs VirusTotal
Microsoft Defender for Endpoint vs VirusTotal Logo
Microsoft Defender for Endpoint vs VirusTotal
SentinelOne Singularity Endpoint vs VirusTotal Logo
SentinelOne Singularity Endpoint vs VirusTotal
WatchGuard Firebox vs VirusTotal Logo
WatchGuard Firebox vs VirusTotal
Check Point Harmony Endpoint vs VirusTotal Logo
Check Point Harmony Endpoint vs VirusTotal
Recorded Future vs VirusTotal Logo
Recorded Future vs VirusTotal
Microsoft Exchange Online Protection (EOP) vs VirusTotal Logo
Microsoft Exchange Online Protection (EOP) vs VirusTotal
Exabeam vs VirusTotal Logo
Exabeam vs VirusTotal
Anomali vs VirusTotal Logo
Anomali vs VirusTotal
Lookout vs VirusTotal Logo
Lookout vs VirusTotal
CyberArk Endpoint Privilege Manager vs VirusTotal Logo
CyberArk Endpoint Privilege Manager vs VirusTotal
ZeroFOX vs VirusTotal Logo
ZeroFOX vs VirusTotal
TrendAI Tipping Point vs VirusTotal Logo
TrendAI Tipping Point vs VirusTotal
MetaDefender vs VirusTotal Logo
MetaDefender vs VirusTotal
ReversingLabs vs VirusTotal Logo
ReversingLabs vs VirusTotal
See all alternatives
 
VirusTotal Reviews Summary
Author infoRatingReview Summary
Advisor Adtech/Martech/API product/project Engineering at a financial services firm with 10,001+ employees4.5I use VirusTotal to monitor and analyze malicious activities and it integrates well with numerous antivirus engines. While it excels in detection, it needs improvement in AI deployment, API connectivity, and domain-level protection compared to competitors like Kaspersky.
Security Specialist at a tech vendor with 10,001+ employees4.5I work in incident response, using VirusTotal daily for accurate security alerts analysis. It excels in detail but needs improved score consistency and more features like competitors. I’ve used URL Void and Symantec URL Checker for similar tasks.
Senior security engineer at Frontdoor4.5I use VirusTotal to check files for malicious content by analyzing their MD5 or SHA-256 signatures and to see related sites. Although valuable, improvements are needed for non-paid features. A lower-cost researcher license could enhance accessibility.
Sr. Threat Researcher at Trend Micro4.5I use VirusTotal in my job for security intelligence due to its efficient Google-developed search algorithm. However, it lacks telemetry details about victims, making it difficult to identify infected targets accurately when handling samples.
Cyber Security Senior Consultant at Inspira Enterprise4.5As a GRC professional, I use VirusTotal to check suspicious IPs, URLs, and hashes for accuracy. It's effective at detecting malware and providing details on threats. However, it needs better promotion in the Middle East and advanced AI features.
Cybersecurity Architect at a tech services company with 11-50 employees4.0I use VirusTotal primarily for file inspection, URL analysis, and IP address checks in security operations to detect potential threats. Its community feature aids threat intelligence, though improvement in handling false positives and using external intelligence is needed.
Cybersecurity Operations Lead at a tech services company with 51-200 employees4.5I use VirusTotal primarily for file and URL analysis, especially for phishing detection. Its powerful feature is analyzing large files with multiple engines, though API integration could improve. False positives occasionally occur, especially with Microsoft block addresses.
Information Security Manager at kakaopay4.0We use VirusTotal's APIs to check IP reputation, replacing IP Quality Score for affordability and ease of use. While the APIs automate threat detection, the platform could improve endpoints and network features to further enhance its value.