Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos

Dailydave: Re: Security FAIL.

Re: Security FAIL.

From: Kurt Baumgartner <kbaumgartner_at_pctools.com>
Date: Tue, 8 Apr 2008 10:12:47 -0600

>There is a general insistence in the AV industry to test only malware
>which is a few weeks old.

Not true. Often, samples that the vendors miss are months old. It's very
unfortunate that the misses occur even against sets from the "Wild
List".
The AV vendors, testers, journalists, academics, and other security
players are working on it this year -- www.amtso.org.

>I'm not sure if it's a problem for the AV companies, though. Their
>brands are quite strong, and the policies that guarantee them a steady
>revenue stream are well-enshrined industry-wide. Certainly it's not
>going to affect them in the current CEO cycle, and that's why they
>aren't dealing with it aggressively.

May be true for some, but not true for all AV companies. While there
hasn't been a seismic shift in the industry just yet, multiple AV
companies are very interested in improving effectiveness in their
products and acting on it (Microsoft included).

> we're heading towards a profound change in technology and business
models.

It's about time.

Kurt
_______________________________________________
Dailydave mailing list
Dailydave_at_lists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
Received on Apr 08 2008

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]