Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Norton Security 360 Deluxe 2023
Message
<blockquote data-quote="Nikos751" data-source="post: 1036134" data-attributes="member: 5403"><p>Also, i want to add that while IPS can block malicious connections trying to establish, Sonar can work in the background collecting behavior data, so maybe detections can happen even after several hours or whole days, when many attributes show a higher malicious score. That's the way Sonar works from v4.0 released in 2012 and it's maybe a way to reduce FP's or submit more data to the NortonLifelock malware analysts.</p><p>This way, a more sophisticated malware can be detected at endpoint level, for example logic bombs malware or other malware that can hide via time based tactics. More like an EDR with no ability to represent such abilities in video testing. Another product with a smaller analysis time threshold, will flag something as malicious or not malicious quickly, but if it misses something, things are more dangerous. </p><p></p><p>I don't know for how long other vendors analyze behaviors, but this no-reaction time while blocking connectivity, brings me such thoughts to mind [USER=99014]@Trident[/USER] [USER=92939]@Shadowra[/USER]</p></blockquote><p></p>
[QUOTE="Nikos751, post: 1036134, member: 5403"] Also, i want to add that while IPS can block malicious connections trying to establish, Sonar can work in the background collecting behavior data, so maybe detections can happen even after several hours or whole days, when many attributes show a higher malicious score. That's the way Sonar works from v4.0 released in 2012 and it's maybe a way to reduce FP's or submit more data to the NortonLifelock malware analysts. This way, a more sophisticated malware can be detected at endpoint level, for example logic bombs malware or other malware that can hide via time based tactics. More like an EDR with no ability to represent such abilities in video testing. Another product with a smaller analysis time threshold, will flag something as malicious or not malicious quickly, but if it misses something, things are more dangerous. I don't know for how long other vendors analyze behaviors, but this no-reaction time while blocking connectivity, brings me such thoughts to mind [USER=99014]@Trident[/USER] [USER=92939]@Shadowra[/USER] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
