Which were the most effective A/V products, and which are the most responsive to new and current threats? We discussed low-cost mitigation, such as freeware honeypots, that can be used to gather samples and also to detect an attacker should they actually get onto your network. Evasion of A/V and delivery of exploits to a desktop user were shown in real time, and no, we didn’t need to write a ‘zero day’ exploit to do this.

We ran a live demonstration where we compared results from around 50 A/V products in real time, submitting the samples for evaluation and generating detection results live on stage. To do this we seeded fresh malware samples into publicly shared virus databases, in an attempt to identify which products and manufacturers responded to these new “threats”, and which ones failed to detect them at all. We also showed how many A/V vendors failed to update their detection signatures and/or engines in light of new samples that had been shared with them 12 months earlier. We demonstrated how easy it is to modify malware code to evade detection by A/V, using readily available tools, some freeware, some commercial.

Even anti-virus vendors are questioning the future of their own products. Anti-virus products aren’t as good at detecting viruses and malware as many would claim.