June 9, 2011 at 15:18Tale of the investigation of the case of company X and the dangers of antivirus scanning
Actors:
Citizen N - respectable citizen, head of company N
Company X - unknown company
Companies K and K2 - security companies
Company N wants to make a deal with company X, but N is afraid that he will be thrown. Read under the cat about what he did to reduce risks, why this was not necessary, and what does the antivirus have to do with it.
So what to do? N hires company K, which checks company X up and down - asks questions, looks at documents, etc. Commendable, care about safety, reduce risks.
But bad luck, these checks take a lot of time and resources. And there is always the risk that company K will make a mistake. N can even hire another K2 company to insure K if it makes a mistake. But it will take even more time and resources. What if K2 is also mistaken?
N doubts torment What should he do? What kind of test to come up with for X to be quicker, simpler and more efficient?
And then it dawns on him: why bother with all these checks and look for signs of fraud if everything is written about company X on the Internet? Very bad reviews - 9 out of 10 of her clients write that they were thrown. And so everything is clear without any investigation
After all, you can save a lot of time and resources, and at the same time rely on the opinion of not two companies K and K1, but on the opinion of ten (or maybe ten thousand) former clients of X.
The only problem is that they have not yet invented such a resource that would have information about the reputation of 2.5 billion different companies from 175 million people.
###
Now let's forget about scammers by dubious legal entities and return to our sheep. Symantec is not yet a legal entity. But it deals with the reputation of files. And we have anonymous information about 2.5 billion files from 175 million computers of our customers, this information makes it possible to assign a high-precision reputation index to each file. So why scan these files on your computer, if even before the start of scanning we know that this file infected a couple of thousand computers, or, on the contrary, is everything clean with it?
So we do not scan. And save your time and resources of your computer. Thanks to the Insight reputation technology, which will be available in the new Symantec Endpoint Protection 12 Enterprise Security System (SEP12). Download the beta here .
PS: of course, you have to scan, but only if the file is unknown or if there is no network connection. But in most cases, you can do without it. Signatures, heuristics, behavioral analysis are, of course, good, but with the growth of the number of threats and their rapid mutation, it is sometimes slow and not very effective.
We believe that the future lies in reputational technology. What do you think?
Citizen N - respectable citizen, head of company N
Company X - unknown company
Companies K and K2 - security companies
Company N wants to make a deal with company X, but N is afraid that he will be thrown. Read under the cat about what he did to reduce risks, why this was not necessary, and what does the antivirus have to do with it.
So what to do? N hires company K, which checks company X up and down - asks questions, looks at documents, etc. Commendable, care about safety, reduce risks.
But bad luck, these checks take a lot of time and resources. And there is always the risk that company K will make a mistake. N can even hire another K2 company to insure K if it makes a mistake. But it will take even more time and resources. What if K2 is also mistaken?
N doubts torment What should he do? What kind of test to come up with for X to be quicker, simpler and more efficient?
And then it dawns on him: why bother with all these checks and look for signs of fraud if everything is written about company X on the Internet? Very bad reviews - 9 out of 10 of her clients write that they were thrown. And so everything is clear without any investigation
After all, you can save a lot of time and resources, and at the same time rely on the opinion of not two companies K and K1, but on the opinion of ten (or maybe ten thousand) former clients of X.
The only problem is that they have not yet invented such a resource that would have information about the reputation of 2.5 billion different companies from 175 million people.
###
Now let's forget about scammers by dubious legal entities and return to our sheep. Symantec is not yet a legal entity. But it deals with the reputation of files. And we have anonymous information about 2.5 billion files from 175 million computers of our customers, this information makes it possible to assign a high-precision reputation index to each file. So why scan these files on your computer, if even before the start of scanning we know that this file infected a couple of thousand computers, or, on the contrary, is everything clean with it?
So we do not scan. And save your time and resources of your computer. Thanks to the Insight reputation technology, which will be available in the new Symantec Endpoint Protection 12 Enterprise Security System (SEP12). Download the beta here .
PS: of course, you have to scan, but only if the file is unknown or if there is no network connection. But in most cases, you can do without it. Signatures, heuristics, behavioral analysis are, of course, good, but with the growth of the number of threats and their rapid mutation, it is sometimes slow and not very effective.
We believe that the future lies in reputational technology. What do you think?