[prev in list] [next in list] [prev in thread] [next in thread] 

List:       clamav-users
Subject:    Re: [clamav-users] Grizzly Steppe
From:       "Joel Esler (jesler)" <jesler () cisco ! com>
Date:       2017-01-06 16:40:04
Message-ID: 5C740133-3478-4E1D-894F-7667BE11A4DF () cisco ! com
[Download RAW message or body]

http://blog.talosintel.com/2017/01/grizzly-steppe.html


--
Joel Esler | Talos: Manager | jesler@cisco.com<mailto:jesler@cisco.com>






On Jan 5, 2017, at 11:40 AM, Joel Esler (jesler) \
<jesler@cisco.com<mailto:jesler@cisco.com>> wrote:

AMP has far more coverage than ClamAV.  As the coverage can be generated much more \
quickly and without a DB to download, it happens in real time.

As far as coverage for ClamAV, and Alain can correct me if I am wrong, I believe \
coverage has been pushed out.

--
Joel Esler | Talos: Manager | \
jesler@cisco.com<mailto:jesler@cisco.com><mailto:jesler@cisco.com>






On Jan 4, 2017, at 6:52 PM, Eric Tykwinski \
<eric-list@truenet.com<mailto:eric-list@truenet.com><mailto:eric-list@truenet.com>> \
wrote:

This was my concern about Cisco's AMP product on ASA's and NGIPS's.  I'm going to be \
beta testing stuff out shortly, but don't have high hopes besides the Snort rules.

Sincerely,

Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300

On Jan 4, 2017, at 6:23 PM, Reindl Harald \
<h.reindl@thelounge.net<mailto:h.reindl@thelounge.net><mailto:h.reindl@thelounge.net>> \
wrote:



Am 04.01.2017 um 23:12 schrieb Al Varnell:
Can somebody with access to those samples run them against a virgin ClamAV signature \
database to answer the question?  I'd be happy to if there are samples I can access.

official, virgin signatures don't and probably will never recognize recent malware \
and following this list you should know this already


_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net><mailto:clamav-users@lists.clamav.net>
 http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic