AV isn't Dead. It's Evolving!-LIVE-Given by Webroot's own Tyler Moffitt Threat Research Analyst.

Status
Not open for further replies.
Petrovic

Petrovic

Level 64
Thread author
Verified
Honorary Member
Top Poster
Well-known
Apr 25, 2013
5,356
slide5_001.png


Traditional signature AV technology is no longer able to consistently and fully remediate or defend against today’s most advanced threats. New and emerging threats such as ransomware, social engineering driven attacks, and micro variant financial threats are just some of the examples of difficult to remediate infections. This presentation will take a look at the malware landscape and explain why these tactics are so effective against traditional AV technology. We will examine three specific families of infections and highlight their tactics to evade detection and what issues occur with remediation. To keep up with modern malware, the methods for discovering and addressing new threats needs to change. Lastly, we will talk about Webroot’s innovation and how our SecureAnywhere AV solution is capable of defending against, and remediating today’s most advanced threats.

Live:
https://www.brighttalk.com/webcast/8241/114021
 
  • Like
Reactions: Dima007, abdou17, XhenEd and 5 others
Jack

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
I have read a few articles about this subject... Yes, malware is evolving at a faster rate than traditional antivirus engines, and this is why almost all the antiviruses now come with behavior blockers, sandbox and file reputation system, however even so, the antivirus engine can do what the other layers can't. An antivirus engine can give a definitive answer if a file is malicious or not.

Bottom line is that malware has evolved, and so the security products, however the antivirus engine is still need it, and is the most helpful layer of protection for 90% of users.
 
Last edited:
  • Like
Reactions: Dima007, XhenEd, Littlebits and 6 others
FleischmannTV

FleischmannTV

Level 7
Verified
Honorary Member
Well-known
Jun 12, 2014
314
As if Webroot is anywhere able to defend against "today's most advanced threats". Today's most advanced threats would simply disable this overrated roll back feature and be done with it. You probably won't even need to exploit the kernel, as it has been possible to do this from user-mode in the past (look at kernelmode.info PrevX discussions). Where Webroot can only roll back, other solutions have blocked attacks from the get-go for years, no roll back necessary.

Yet even proper solutions are helpless against "today's most advanced threats", as Bromium Labs research has painfully and repeatedly shown in the past, and Webroot is nowhere near as sophisticated as these obstacles that have already been overcome.

I can't stand this Webroot marketing, it's so annoying. Their detection and false positives are the among the worst in the business. Yet they have the audacity to criticize the vendors, who are actually doing their homework, for being stuck in the past, whereas the accused at least constantly adapt their products to the current threat landscape and Webroot only has their silly roll back feature.

When they were confronted on how even their prestigious roll back has been compromised (simply because the machine crashed during roll back and the program couldn't remember where it was afterwards, lol), they said that it's a cat and mouse game between them and the malware writers and that you should always have backup. Yeah, so much for roll back.

They say they have the lightest product out there, but when they are confronted that it causes excess memory usage across several 64bit processes on Windows 8.1 x64, they said that most machines today have 8 GB of RAM, so it's not an issue. When they are confronted about how this might cause performance issues because of possible excess page file usage, they said that most people have SSDs today and thus it shouldn't be noticeable. Oh, and it's Microsoft's fault of course and it's not a bug really. Funny how other security solutions are perfectly fine with Windows 8.1 x64.

They are unable to fix bugs, they don't detect malware, they detect legitimate software as malicious, they fill your hard drive with gigabytes of data in case of roll back and their protection is easily defeated. That's the truth.

Their only strong suit is their marketing department. That's possibly one of the best in the business.
 
  • Like
Reactions: Deleted member 178, Nightwalker, XhenEd and 3 others
K

kmr1684

Level 3
Verified
Jun 23, 2014
148
Code: 
Yet even proper solutions are helpless against "today's most advanced threats", as Bromium Labs research has painfully and repeatedly shown in the past, and Webroot is nowhere near as sophisticated as these obstacles that have already been overcome.

I can't stand this Webroot marketing, it's so annoying.They are unable to fix bugs, they don't detect malware, they detect legitimate software as malicious, they fill your hard drive with gigabytes of data in case of roll back and their protection is easily defeated. That's the truth.

Their only strong suit is their marketing department. That's possibly one of the best in the business.

@fleishmanntv:cool: please do not say too much some fanboys:cool: may also available here on MT.:rolleyes:

i really loved these words, true golden words from bottom of the hearts.
 
  • Like
Reactions: FleischmannTV
Jack

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
FleischmannTV said:
I can't stand this Webroot marketing, it's so annoying. Their detection and false positives are the among the worst in the business. Yet they have the audacity to criticize the vendors, who are actually doing their homework, for being stuck in the past, whereas the accused at least constantly adapt their products to the current threat landscape and Webroot only has their silly roll back feature.
Click to expand...

Indeed. This is nothing more than a marketing technique... Scared and misinformed users means money for these companies...
 
  • Like
Reactions: XhenEd, Littlebits and FleischmannTV
M

Muddy7

Level 2
Verified
Jun 27, 2014
66
Well, all I can say is I’ve been using Prevx->WSA ever since late 2006 for my malware protection, and whilst previously I found myself all too regularly infected and that was with big name AV products on my machines, since then I have been virus-free. Sorry if I come across as a bit of a fanboy but that’s the honest truth.
 
D

Deleted member 178

Webroot like any other vendors has strong points and flaws...
For the story, webroot forum is one of the worse i came across ^^
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top