掲示板ホーム › フォーラム › Technology › What antivirus do you trust and use?
- このトピックには2件の返信、1人の参加者があり、最後にtsunagu0225により6年、 8ヶ月前に更新されました。
-
投稿者投稿
-
tsunagu0225キーマスター
Antivirus or anti-virus software (often abbreviated as AV), sometimes known as anti-malware software, is computer software used to prevent, detect and remove malicious software.
Antivirus software was originally developed to detect and remove computer viruses, hence the name. However, with the proliferation of other kinds of malware, antivirus software started to provide protection from other computer threats. In particular, modern antivirus software can protect from: malicious browser helper objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious LSPs, dialers, fraudtools, adware and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity (privacy), online banking attacks, social engineering techniques, advanced persistent threat (APT) and botnet DDoS attacks.
tsunagu0225キーマスターMany viruses start as a single infection and through either mutation or refinements by other attackers, can grow into dozens of slightly different strains, called variants. Generic detection refers to the detection and removal of multiple threats using a single virus definition.
For example, the Vundo trojan has several family members, depending on the antivirus vendor’s classification. Symantec classifies members of the Vundo family into two distinct categories, Trojan.Vundo and Trojan.Vundo.B.
tsunagu0225キーマスターMore recently, following the 2014 release of the APT 1 report from Mandiant, the industry has seen a shift towards signature-less approaches to the problem capable of detecting and mitigating zero-day attacks.
Numerous approaches to address these new forms of threats have appeared, including behavioral detection, artificial intelligence, machine learning, and cloud-based file detonation.
According to Gartner, it is expected the rise of new entrants, such Carbon Black, Cylance and Crowdstrike will force EPP incumbents into a new phase of innovation and acquisition. One method from Bromium involves micro-virtualization to protect desktops from malicious code execution initiated by the end user. Another approach from SentinelOne and Carbon Black focuses on behavioral detection by building a full context around every process execution path in real time, while Cylance leverages an artificial intelligence model based on machine learning.
Increasingly, these signature-less approaches have been defined by the media and analyst firms as “next-generation” antivirus and are seeing rapid market adoption as certified antivirus replacement technologies by firms such as Coalfire and DirectDefense. In response, traditional antivirus vendors such as Trend Micro, Symantec and Sophos have responded by incorporating “next-gen” offerings into their portfolios as analyst firms such as Forrester and Gartner have called traditional signature-based antivirus “ineffective” and “outdated”.
-
投稿者投稿