[Discuss] The future of AV-industry
<blockquote data-quote="Parsh" data-source="post: 867273" data-attributes="member: 58090"><p>For the vendors, minding which essential features to stick to and offer is crucial for them to stay balanced and relevant (besides keeping up with the current threatscape).</p><p>"<em>Fix not what's not broken</em>" does not often just make sense for a feature, but for the entire product offering too. Likewise, why add more than what is essentially expected of your product?</p><p>Many AVs have already been providing extras like VPNs, Password Managers, banner control and cleaners. Some of the freemiums/freebies also resort to in-app advertising for upgrading the same.</p><p>Sure, there will be some users who would be happy to avail extras. However, I've seen many users who just want the core security aspect. The rest is bloat for them. Including some of them like PMs or trustable VPNs in extra-premium packages is fine, but IMO the AV companies should not unnecessarily invest time and money in extras like cleaners or performance enhancers that add just a little value to their domain of work... while dedicated and customizable apps offering the same are famously available.</p><p>Gaming Mode is common in some AVs where notifications and idle/scheduled scans are restricted. Other than that, there are a few utilities that disable unnecessary services, free up RAM for a better gaming experience. Pair that with customized Process Lasso and there you go 😁</p><p></p><p></p><p>I totally agree! Besides, even though Microsoft will be the one having the most detailed knowledge and know-how of the workings of Windows, their expertise and experience with the cyberthreats would be lesser compared to major players who have been solely doing this 24*7*52 for years. 
Getting intel from these players is not enough.</p><p>WD is improving impressively, especially ATP, no doubt. But I would not trust it wholly. Also it is supposed to be the most targeted now that it's the default built-in.</p><p></p><p></p><p>Basically what one practices currently in the available solutions by -</p><ul> <li data-xf-list-type="ul">having a default-deny/app locker and then a list of whitelisted scripts +</li> <li data-xf-list-type="ul">having access protection for a set of script files</li> </ul><p>.. you're suggesting to combine them into a little specific unit. It's a good idea :)</p><p>Endpoint solutions mainly focus on practicality and demand of features among the users. If it rises enough, maybe some vendor might consider implementing it. Have you ever suggested this on any AV forums?</p><p></p><p></p><p>"Some specific protection being enough" is up to an individual, but not entirely.</p><p>An average user might get infected with a strong config. We know nothing is foolproof. Neither human decisions of course, nor the solutions.</p><p>That average user practicing safe habits might as well get infected with a light and simple config - if once in a blue moon he visits something that is compromised, shady or runs some non-legit app for some obvious reasons by creating an exception in the security rules he set. Boom, one bad out of all hundred things that happened to him did the nasty thing.</p><p>Safe habits sure reduce the probability of attacks but don't eliminate them.</p><p>If the user could not identify the infection, be it minor or a disastrous one, he (feels he) is safe in his Wonderland. He's good. 
It might not even be something he would care much about.</p><p>And the opposite that a paranoid user might think of some minor events as risks and might freak out... eventually running multiple scanners or scratching his head whether he should again clean install his system for peace of mind.</p><p>The above are only a few combinations among various possible scenarios.</p><p></p><p>Most of the time, the IS (paid) version of an AV provides important complementary features (firewall - IDS, IPS, ..., Advanced ML that help over unrecognized threats - though detected ones soon get added to common sigs, Application Control or HIPS, and more customization) over the basics (AV sigs, BB, surfing protection).</p><p>One might want to use another solution to add the missing features of a free AV. I would prefer to have that or a complete suite and not just rely on a free AV/default-deny for regular use.</p><p>I do not think of those complete packages as necessary, but I do advocate their use.</p><p>The missing features of a free AV cover different attack vectors and their scope of protection also differs. Combine that with the years of cybersecurity expertise that Security Vendors put into their various modules to make it one big integrated and tightly-coupled product. Now add some default-deny and safe browsing ;)</p><p>These are my thoughts. Everyone has their own set of usage and spectrum of knowledge... and may feel the need for more or less protection.</p><p></p><p>Coming back to the topic, I think</p><ul> <li data-xf-list-type="ul">providing more practical & customizable solutions appropriate for various groups of target users. 
With time, there's always room for improvement</li> <li data-xf-list-type="ul">offering better lockdown setups suitable for different use cases</li> <li data-xf-list-type="ul">expanding the scope of protection w.r.t. the constantly evolving threatscape</li> <li data-xf-list-type="ul">progressing their technologies (like ML added years back and being improved ever since; better system & network analysis so as to identify potential breaches and provide improved post-breach remediation measures - like some major corporate players are advertising nowadays)</li> </ul><p>are more eligible for concerns rather than adding a stockpile of less useful features to impress only a handful.</p></blockquote><p></p>