Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Do you consider this a block or a fail?
Message
<blockquote data-quote="Fabian Wosar" data-source="post: 807681" data-attributes="member: 24327"><p>Block. However, blocks aren't necessarily the only relevant metric here. Every single "anti-executable" will have a close to 100% block rate, but it also has a close to 100% false positive rate. Malware detection performance isn't just about how much was blocked. But also how much was blocked that wasn't malicious.</p><p></p><p>I would argue that anti-executable or applications restrictions like that are more compliance and policy enforcement tools than malware protection. They are useful in an enterprise environment (or maybe in a family environment with younger kids), because having a policy for your employees to not install or run their own programs is one thing, having a way to enforce that policy is another. It's in general always better to simply not allow people to do the wrong thing than it is to trust that they read the rules and remember them in the right situations.</p></blockquote><p></p>
[QUOTE="Fabian Wosar, post: 807681, member: 24327"] Block. However, blocks aren't necessarily the only relevant metric here. Every single "anti-executable" will have a close to 100% block rate, but it also has a close to 100% false positive rate. Malware detection performance isn't just about how much was blocked. But also how much was blocked that wasn't malicious. I would argue that anti-executable or applications restrictions like that are more compliance and policy enforcement tools than malware protection. They are useful in an enterprise environment (or maybe in a family environment with younger kids), because having a policy for your employees to not install or run their own programs is one thing, having a way to enforce that policy is another. It's in general always better to simply not allow people to do the wrong thing than it is to trust that they read the rules and remember them in the right situations. [/QUOTE]
Insert quotes…
Verification
Post reply
Top