Optimum usage of CA VIRTUE to process malware samples

Recently, CA was notified that some customers experienced a delay in receiving an anti-malware signature as a result of malware samples submitted through the Virtue system versus CA Technical Support.  As background, CA tests a detection signature between the date it is created and before it is implemented in the update files for the product. Customer who reported a malware sample via Virtue and who also sought issue resolution did not receive such resolution prior to the detection signatures being made generally available. Customers who called CA Technical Support to have their malware samples address ed for 'priority handling' continued to receive support in accordance with their issue severity. If a customer advised CA Technical Support that they had an issue impacting them, their sample was prioritized for review and development of a detection signature. On the other hand, customers who did not communicate that they were being affected by the malware sample may have continued to experience such affect until CA released the detection signature.

VIRTUE is an automated system and should not be relied upon for an immediate response to a support question or to escalate an issue with malware.

It is highly recommended that CA partners and/or customers should not rely only on the automated VIRTUE system to communicate an issue with malware affecting their environments.  Partners and customers will have their issues addressed more effectively by following the correct and published reporting process. A customer can receive the best service by submitting a sample via VIRTUE and then calling CA Technical Support with the Virtue set number to confirm submission. If for any reason the customer or partner has not received a VIRTUE set number, CA will need the email address of the submitting sender to track it. Note, all VIRTUE response emails include clear instructions at the bottom that explain that the customer should still go through CA Technical Support after submitting a sample to VIRTUE. Here is a copy of those instructions.

--------------------------------------------------------
This automated scanning service "VIRTUE" complements our regular technical support service. It is not a replacement for it. For technical support please visit http://www.ca.com/about/support.htm
----------------------------------------------------------

Additionally, CA has provided guidance at its Security Advisor and SupportConnect websites that explains the proper process to submit malware samples for processing. It is located at:  http://www.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=33514. Please read these instructions to avoid any issues in submitting samples and to receive optimum service on malware issues.

Having said that, I am quite confident in the systems and the teams that support CA's threat management resources. I am thankful for the opportunity to further make known the proper mechanisms and tools to provide you with quality products, service and support.

Without limiting the foregoing, nothing herein is meant to otherwise affect the rights and/or obligations of you or CA under any existing or future written license agreement or maintenance agreement between the parties.

Best Regards,
Sam Curry
Vice-President, Security Product Marketing & Management