Reply to thread

Message

<blockquote data-quote="Trident" data-source="post: 1083776" data-attributes="member: 99014">A lot of products apply much more aggressive monitoring on downloads. This helps boost security “at the point of entry” whilst still minimising false positives.Avast Cyber Capture, McAfee Download Advisor, Microsoft SmartScreen, Eset LiveGuard, Check Point threat emulation are just examples.Norton uses Norton Insight (Which includes File Insight, Threat Insight, Performance Insight, Download Insight) which takes into account whether the file was downloaded and even, was it a trusted website or not.Norton applies more aggressive heuristics both pre-execution and post-execution (in SONAR) when files have come via untrusted downloads.Furthermore, Symantec/Norton apply “sandbox” around untrusted processes and execution chains.It can all be supported with the relevant documentation and blog posts.Norton provides additional security through their IPS system which is the only viable implementation of IPS for Windows that is deployed with one click and blocks high volume of malicious traffic.That’s not to say that it is perfect or impenetrable (nothing ever is) — Norton is designed to provide enough security for real life users in real life situations. When Norton deems that new protection methods are necessary, the STAR team promptly releases such via program updates, SDS (static data scanner) logics and SONAR rules.On business environments where scripts are issues, Symantec/Broadcom offer email security, as well as Symantec Adaptive Protection which blocks LOLBin calls (from one to another) or their execution all together .</blockquote>

[QUOTE="Trident, post: 1083776, member: 99014"] A lot of products apply much more aggressive monitoring on downloads. This helps boost security “at the point of entry” whilst still minimising false positives. Avast Cyber Capture, McAfee Download Advisor, Microsoft SmartScreen, Eset LiveGuard, Check Point threat emulation are just examples. Norton uses Norton Insight (Which includes File Insight, Threat Insight, Performance Insight, Download Insight) which takes into account whether the file was downloaded and even, was it a trusted website or not. Norton applies more aggressive heuristics both pre-execution and post-execution (in SONAR) when files have come via untrusted downloads. Furthermore, Symantec/Norton apply “sandbox” around untrusted processes and execution chains. It can all be supported with the relevant documentation and blog posts. Norton provides additional security through their IPS system which is the only viable implementation of IPS for Windows that is deployed with one click and blocks high volume of malicious traffic. That’s not to say that it is perfect or impenetrable (nothing ever is) — Norton is designed to provide enough security for real life users in real life situations. When Norton deems that new protection methods are necessary, the STAR team promptly releases such via program updates, SDS (static data scanner) logics and SONAR rules. On business environments where scripts are issues, Symantec/Broadcom offer email security, as well as Symantec Adaptive Protection which blocks LOLBin calls (from one to another) or their execution all together . [/QUOTE]

Verification