Security Basics mailing list archives
Re: Re: RE: Malware detection
From: kartik.netsec () gmail com
Date: Fri, 27 Jul 2012 15:13:56 GMT
I guess the discussion is getting diverted into MSSE vs. market leaders in AV. This is absolutely not the case. In none of the posts so far is it mentioned that MSSE is better than, say, XYZ. A few people (incl. me) put forward the point that there have been instances wherein MSSE detected a malware but market leaders in this particular technology were unable to detect the same until samples were submitted. Those instances do not actually allow MSSE to go neck and neck with market leaders as of now. (Expecting a robust MSSE in the very near future.)

Sorry for the long writeup, but this is how sometimes an opinion is made:

One fine day my CISO called me up and said that we were invited to the CEO's office (I was like.. huh, what did I do??). Once we reached there, we got to know that our CEO had shared some documents with the CEO of another company (say ABC) on a USB drive. The CEO of ABC wrote an email to our CEO stating that a Trojan was detected on the USB drive, and they were using MSSE :D To add salt to our wounds, the CEO of ABC was the Prime Minister's brother.

The country where I work is geographically very small, yet it is considered a banking hub. Small things get flashed in the media very quickly, esp. when it comes to technology. So, for us the concern was more one of goodwill and integrity than of technology. We called the business critical manager (AV Vendor) stating "even MSSE detected it but your AV could not. We give you $$$$ yearly etc". Eventually, we got the definitions after another 4-5 hours.

It was indeed frustrating to see how our AV (a market leader, #1 or maybe #2) failed to detect such a thing. I experienced such instances (against MSSE) thrice. For me, defeating my AV (a market leader for which we pay huge $$$$) thrice in a year is a big thing, and this is what I wanted to convey. MSSE may not be comparable with market leaders as of now, but I would never make the mistake of considering it a piece of rubbish.
Thanks,
Kartik
CISSP, CISM