Their point? Yeah, patch :). It also says don't be so ignorant to think your AV will tell you where you're vulnerable, no different than expecting your patch management to tell you when you've got a virus. Until someone packages patch management with AV/Malware and probably even some kind of data encryption there won't be a single app to handle "endpoint security".
David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 -----Original Message----- From: Marc Maiffret [mailto:[EMAIL PROTECTED] Sent: Saturday, October 18, 2008 3:25 PM To: NT System Admin Issues Subject: RE: exploit tests on security suites Secunia does sound like they could have done their testing better. However, they are trying to highlight something that is indeed a real problem for most every security suite, AV or otherwise. The fact is that the majority of the solutions people are using from McAfee to NOD32 (VIPRE maybe although I have not played with it yet) do absolutely nothing in the way of preventing systems from being compromised through the use of exploits that leveraging software vulnerabilities. All of these security suites are just better versions of each other in terms of trying to have better ways to more generically detect files that appear to be malicious. That however is not even nearly close to a complete defense against the attacks that organizations face today. Even suites such as McAfee and CSA that have added some level of vulnerability prevention simply fail to prevent anything. Secunia might have done their testing wrong, but their point is real and accurate. -Marc Maiffret > -----Original Message----- > From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 16, 2008 1:08 PM > To: NT System Admin Issues > Subject: RE: exploit tests on security suites > > Alex has some good observations in his Blog: > http://sunbeltblog.blogspot.com/2008/10/another-useless-test-grabs- > headlines.html > > Warm regards, > > Stu > > ________________________________ > > From: René de Haas [mailto:[EMAIL PROTECTED] > Sent: Wednesday, October 15, 2008 12:11 PM > To: NT System Admin Issues > Subject: exploit tests on security suites > > > > Results are a little disappointing.... > > http://computerworld.com/action/article.do?command=viewArticleBasic&art > icleId=9117042&intsrc=hm_list > > > > ________________________________ > > *** > The information in this e-mail is confidential and intended solely for > the individual or entity to whom it is addressed. If you have received > this e-mail in error please notify the sender by return e-mail delete > this e-mail and refrain from any disclosure or action based on the > information. > *** > > > > > > > > > > > . > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
