Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Do we actually need so many security programs?
Message
<blockquote data-quote="Andy Ful" data-source="post: 774226" data-attributes="member: 32260"><p>My test was about anti-script capabilities. Sophos could detect the final payload via other modules. But, as we can see from the wild, the payloads are often 0-day malware files, so many of them will succeed.</p><p></p><p></p><p>ASR rules are also dynamical. For example, some ASR rules monitor what the scripts do. If the script has downloaded the payload and next tries to run it, then the payload will be blocked. Also, ASR rules have nothing to do with SRP.</p><p></p><p>I tested only Sophos exploit protection of MS Office against the weaponized documents. It was not bad, but WD + ASR rules are stronger for that.</p></blockquote><p>You can keep Sophos Premium, just use something else for anti-script protection. You can start with SysHardener. Furthermore, do not use MS Office and Adobe Acrobat Reader.</p><p>[/QUOTE]</p>
[QUOTE="Andy Ful, post: 774226, member: 32260"] My test was about anti-script capabilities. Sophos could detect the final payload via other modules. But, as we can see from the wild, the payloads are often 0-day malware files, so many of them will succeed. ASR rules are also dynamical. For example, some ASR rules monitor what the scripts do. If the script has downloaded the payload and next tries to run it, then the payload will be blocked. Also, ASR rules have nothing to do with SRP. I tested only Sophos exploit protection of MS Office against the weaponized documents. It was not bad, but WD + ASR rules are stronger for that. [/QUOTE] You can keep Sophos Premium, just use something else for anti-script protection. You can start with SysHardener. Furthermore, do not use MS Office and Adobe Acrobat Reader. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
