Virusbay Blog – Q/A


How did Virusbay started its journey?

The Virusbay hub for malware researchers, analysts, SOC experts and others opened its gates at the beginning of 2018. We were unsure how exactly we will merge it with other existing open source / community platforms, however naturally Virusbay took its place among the leading platforms known today for threat intelligence sharing.

Where does all the data go?

There has been many question around the arteries of Virusbay and whether it is connected in some why to one company or another and the most accurate answer is – No. Virusbay resides on AWS servers and is being fully maintained by the founders @idonaor and @danigoland. Along the years, top notch researchers and other professionals helped the founders to shape the platforms and help with publicity, however it was never a term for accessing Virusbay back-end.

Is it still free?

Yes, Virusbay is completely free. What we ask is simply vouching other users and upload unique TTPs which were analyzed by the user uploading it and additional tags to better detect its links to threat actors and tools.

I asked for an invite code months ago, what happened?

Since we are manually adding users in, it takes time to evaluate users. In many cases, we release invite codes in conferences, as we trust the audience to have the right skill-set and interest. In addition, we make extra checks to ensure no abuse scenarios exists. If you requested an invite code via email and we haven’t replied yet, you can try contacting us via Twitter, security conferences we attend in, Linkedin and other creative ways – We trust your skills (:

Why opening a blog?

We actually made this decision a long time ago and haven’t had the time nor the resources to take on the mission. As we grew stronger, we revived this task and reshaped the backstory behind it. The blog is the perfect tool for our users to boost their skills in a way they can’t really do by themselves. We asked for help from top notch researchers (again, yes) and they agreed. We called them Divers, as they are the ones who will dive into your blogpost in Virusbay, proofread, change, add, remove and shape it to be as professional as possible. This way, we can reach those who have the skills, but lack the resources to get the right publicity. Using these tools (Divers and publicity) we aim to be a unique blog that brings an additional layer of threat intelligence.

Who are the Divers?

That’s a great question. We asked around and actually, there was an immediate reaction from the community. Our divers are completely diverse, located in different functions and sectors of security space. The Divers are a team of seven highly qualified review board, who are not only an influencers online, but also people we met personally and know their vision is similar to ours.
@VK_intel, @ItsReallyNick, @jaytezer, @x0rz, @0verfl0w, @ChristiaanBeek and @9bplus

I want to write a blogpost, how do I go about?

Joining our list of Virusbay Authors is very easy. We specifically created a Google Form with instructions to get you started. There are no standards to meet, however we do look for malware / threat-intel related content. Have no worries, if it won’t meet the requirements we won’t toss it away! One of our Divers will contact you and attempt to make the best out of your content, so we can eventually get to a point where we publish your content. If you have an draft – Go ahead and submit it! We are here to help you help the community and together learn more about attacks and how you see them from your perspective.

How will readers know I wrote the blogpost?

Your name and link to Twitter handle will be at the top of the blogpost. However, if you wish to be anonymous – no worries. We can remove any links to your identity.

How much time will it take for the blogpost to be published?

There’s no secret sauce, we go through every line, making sure everything is correct and properly displayed for the readers to understand the content and the overall message of the blogpost. Later, it will go through proofread of our Divers, to eliminate possibilities for typos. Remember, we are all volunteers – It should take a few days for the process to hit publication.

How is the blog linked to Virusbay?

The initial idea was to extract more information out of samples which were uploaded into Virusbay and were not yet covered by other sources. Our aim is to link all TTPs to Virusbay in such way that it will be easy for readers to download samples and further investigate themselves or just enrich their team’s knowledge and expertise.

For more information:


Please enter your comment!
Please enter your name here