
Enterprise Security: A Data-Centric Approach to Securing the Enterprise by Aaron Woody


Anti-virus

Anti-virus is considered a necessary security mechanism for the low-hanging fruit: predictable malware, most of it old and easy to detect, yet still dangerous. Anti-virus primarily uses two methods to detect malware:

  • Signature: This method looks for known patterns of malware
  • Heuristics: In this method the behavior of potential malware is analyzed for malicious actions

If the threat is detected, and depending on its sophistication, the solution may be able to "clean" the virus from the system. With encoding and encryption methods now the norm for malware and hackers, detection is near impossible.
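
The two detection methods side by side, as an added example that is not from the book: a byte-pattern signature check and a behaviour-scoring heuristic run over constructed, harmless samples. The signature name, marker bytes, action names, weights and threshold are all assumptions made for illustration.

```python
import base64

# Constructed, harmless stand-in for a "known malware" byte pattern.
SIGNATURES = {"Demo.Marker.A": b"DEMO-MALWARE-MARKER-0001"}

# Hypothetical behaviour weights; a real engine tunes these from telemetry.
ACTION_WEIGHTS = {
    "decode_payload_in_memory": 3,
    "write_autorun_key": 4,
    "disable_security_service": 5,
    "open_document": 0,
    "read_user_file": 1,
}
HEURISTIC_THRESHOLD = 7


def signature_scan(data: bytes) -> list[str]:
    """Return names of signatures whose byte pattern occurs in data."""
    return [name for name, pattern in SIGNATURES.items() if pattern in data]


def heuristic_score(actions: list[str]) -> int:
    """Sum the weights of observed actions; unknown actions score 0."""
    return sum(ACTION_WEIGHTS.get(a, 0) for a in actions)


def verdict(data: bytes, actions: list[str]) -> str:
    """A signature hit wins; otherwise fall back to observed behaviour."""
    hits = signature_scan(data)
    if hits:
        return "signature:" + ",".join(hits)
    if heuristic_score(actions) >= HEURISTIC_THRESHOLD:
        return "heuristic"
    return "clean"


# Constructed samples: the same marker, stored plain and base64-encoded.
marker = SIGNATURES["Demo.Marker.A"]
plain = b"header" + marker + b"trailer"
encoded = b"header" + base64.b64encode(marker) + b"trailer"
# Constructed behaviour trace recorded when the encoded sample runs.
trace = ["decode_payload_in_memory", "write_autorun_key"]

if __name__ == "__main__":
    print(verdict(plain, []))        # known pattern present on disk
    print(verdict(encoded, []))      # same content, pattern no longer matches
    print(verdict(encoded, trace))   # flagged by what it does, not its bytes
    print(verdict(b"report", ["open_document", "read_user_file"]))
```

The encoded sample is reported clean by the signature check alone, which is why the behavioural method is needed alongside it.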

Note

A common method to exploit systems with malware is to bypass anti-virus using simple techniques. Methods include encoding, encryption, obfuscation, ...
