What’s changing 
You can now use VirusTotal to view deeper insights on Chrome log events in the Security Investigation Tool. This ability is already available for Gmail event logs



Who’s impacted 
Admins 


Why it’s important 
Admins can use the VirusTotal integration to view more information on Chrome log events, specifically to determine whether any content transfers via Chrome are malicious. 


Additional details 
VirusTotal provides an investigation layer on top of alerts but isn’t being used directly for detection or alerting. 


Data (file attachment hashes) is only shared to VirusTotal after the admin selects to view the VirusTotal report. No data is otherwise shared. 


VirusTotal data is shared with the broader security community. This enables security vendors to collaborate with each other, share important details, and take action to fight security threats. 


The VirusTotal report has two versions: Standard and Enhanced. The Standard version is displayed for admins who have the Security Center > VirusTotal > View report privilege, and who have one of the required Google Workspace editions. The Enhanced version is automatically displayed for paid VirusTotal subscribers who have an active virustotal.com login session with their VT Enterprise user account. Visit the Help Center for more information. 

Getting started 

Rollout pace 

Availability 
  • Available to Google Workspace Enterprise Plus, Education Standard, and Education Plus customers 
  • Not available to Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Enterprise Standard, Education Fundamentals, Frontline, and Nonprofits, as well as G Suite Basic and Business customers 

Resources