ESET with HIPS rules

Status
Not open for further replies.
Deleted member 65228

Just by reading their guide and noticing what parts their focus was on, I can say that in my personal opinion, those rules once implemented into the user's configuration would end up being beneficial for most.

Scripts are a very common deployment technique, and PowerShell is widely used by malware authors.

Although personally I would just completely block features like PowerShell from the first day you set up the environment - but this can be troublesome because an attacker can rename things and come with its own copy, etc.
 
ForgottenSeer 58943

I have installed ESET and applied those rules, made some tests in Shadow Defender mode and all was blocked.
The new version of ESET 11.1.42.2 works great, awesome phishing filter.

ESET relies on zVelo APIs. Some of the strongest HTTP/HTTPS malware filtration and anti-phishing available. I use zVelo on my gateway to filter ALL traffic inbound, it catches a LOT of stuff.

zVelo alone makes ESET one of the strongest suites IMO.
 
ForgottenSeer 58943

Avast and FireEye are also customers according to the zVelo website.

Indeed they do. Cyren used them too, but then stole their proprietary technology and built their own out of it, which resulted in a lawsuit. (Cyren = Sleazy Israeli firm) SonicWall also licensed their API then violated patents when SonicWall decided to infringe on zVelo's advanced technology.

Basically, zVelo licenses their web categorization database and very speedy heuristic web scanning engine to firms who then use it in their products. ESET/Avast are a couple of users, but there are thousands. Untangle, FireEye and other UTMs use it as well because quite frankly, it's in the top 5 web scanning engines in the world. Only Google and FortiGuard themselves are comparable.

Some of the newer smart-home protection devices use zVelo but won't disclose they do. (Cujo, etc.)
 