Anti-virus

Anti-virus is considered a necessary security mechanism for the low-hanging fruit: predictable malware, most of it old and easy to detect, yet still dangerous. Anti-virus primarily uses two methods to detect malware:

  • Signature: This method looks for known patterns of malware
  • Heuristics: In this method the behavior of potential malware is analyzed for malicious actions

Depending on the sophistication of the threat, and if it is detected, the solution may be able to "clean" the virus from the system. With encoding and encryption now the norm for malware and hackers, detection is near impossible.
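The two detection methods above, and the effect of encoding on the first, shown as an added example that is not from the book. The marker bytes, action names, weights and threshold are all constructed for illustration and do not come from any real product.

```python
"""Toy signature vs. heuristic detection. All data below is constructed."""

# Constructed, harmless byte pattern standing in for a known-malware signature.
SIGNATURES = {"Demo.TestMarker": b"HARMLESS-DEMO-MARKER-0001"}

# Hypothetical behaviour weights (assumption, not a vendor's rule set).
SUSPICIOUS_ACTIONS = {
    "disable_security_service": 5,
    "mass_file_rename": 4,
    "write_autorun_key": 3,
}
HEURISTIC_THRESHOLD = 7


def signature_scan(data):
    """Signature method: names of known byte patterns present in the file."""
    return [name for name, pattern in SIGNATURES.items() if pattern in data]


def heuristic_score(actions):
    """Heuristic method: sum the weights of observed actions (unknown = 0)."""
    return sum(SUSPICIOUS_ACTIONS.get(action, 0) for action in actions)


def verdict(data, actions):
    """Combine both methods; a signature hit wins, then the behaviour score."""
    hits = signature_scan(data)
    if hits:
        return ("signature", hits[0])
    score = heuristic_score(actions)
    if score >= HEURISTIC_THRESHOLD:
        return ("heuristic", score)
    return ("clean", score)


def xor_encode(data, key):
    """Single-byte XOR, the simplest form of the encoding the text mentions."""
    return bytes(b ^ key for b in data)


# Constructed samples: the same content stored plainly and stored encoded.
PLAIN = b"header" + SIGNATURES["Demo.TestMarker"] + b"trailer"
ENCODED = xor_encode(PLAIN, 0x5A)
# Constructed behaviour trace, as a monitor might record at run time.
TRACE = ["read_document", "write_autorun_key", "disable_security_service"]

if __name__ == "__main__":
    print(verdict(PLAIN, []), verdict(ENCODED, []), verdict(ENCODED, TRACE))
```

The byte pattern no longer appears in the encoded copy, so the signature method reports nothing for it; the behaviour score is computed from observed actions rather than file contents, so it is unaffected by how the bytes were stored.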

Note

A common method to exploit systems with malware is to bypass anti-virus using simple techniques. Methods include encoding, encryption, obfuscation, ...
