On Thu, Oct 22, 2009 at 9:30 PM, Carl Houseman <[email protected]> wrote: > what do scheduled scans find that real-time scanning won't catch?
Threat comes in before signatures are updated. (Remember, anti-malware is an entirely reactive game.) While it is true that a real-time scan *should* intercept that threat on the next access, I'd like to know about it ASAP. That way *I* can be proactive, rather than reactive. I'd much rather tend to something at my leisure than wait until the users call. There's also the important concept of defense-in-depth. If, somehow, someway, the real-time scan doesn't catch something, maybe the scheduled scan will. They do use different APIs to the OS, so this isn't entirely superstition. Even better would be to do full scans with a *different* AV product. But we have limited resources as it is. :) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
