http://www.securityweek.com/crowdstrike-sues-nss-labs-prevent-publication-test-results

From Article:

"There are two primary issues here: is it possible to conduct fair comparative 
tests for advanced endpoint protection products (aka, machine-learning or 
next-gen AV); and is the law a valid method of preventing them?"


The article has various opinions about this, with additional links to opinions.

I offer my $0.02

It would appear, based on the NSS Labs admission that "The Falcon Host's 
final rating may have been different had it completed the test," that 
CrowdStrike may have a legitimate beef.

When deploying Palo Alto devices with WildFire enabled, I would inevitably get 
asked whether or not traditional AV was needed.  This came 
up even more as Palo Alto introduced host-based protection via "Traps."

What I have found is that many of these so-called "next-gen" protection 
mechanisms are quite good at protecting against unknown aka "0day" threats.  
However, they tend to fall short in protecting against old threats, like the 
nth version of MyDoom.  Signature-based solutions still have their place, and 
until the next-gen vendors like CrowdStrike can protect against both, 
signature-based AV may still be needed.


_______________________________________________
Dailydave mailing list
[email protected]
https://lists.immunityinc.com/mailman/listinfo/dailydave