pallino

Phising, bad URL, script protection

Recommended Posts

Hello Emsi Team,

How does Emsi protect against Phising sites, bad URL and malicious scripts?

Do you use Emsi engine or /and Bitdefender' s one?

Do you use signature only detection or also heuristic and maybe a BB specific for these areas?

Thank you

Share this post


Link to post
Share on other sites

How does Emsi protect against Phising sites, bad URL and malicious scripts?

Technically by filtering DNS requests. We have a large list of malicious and phishing websites that is updated very frequently, and our software will monitor requests by programs on your computer (such as web browsers) to look up the IP addresses of websites, and if a website is found in our list then that attempt to look up its IP address is blocked. No IP address means the attempt to connect to the website fails.

Do you use Emsi engine or /and Bitdefender' s one?

We have our own engine, and we use BitDefender's engine as a second-opinion to enhance protection.

Do you use signature only detection or also heuristic and maybe a BB specific for these areas?

Thank you

We use heuristics in addition to more traditional methods (file hashes for instance). We classify everything in the database (heuristics, hashes, etc) as "signatures", although I understand that some other companies use the term "signatures" to refer to file hashes only.

Share this post


Link to post
Share on other sites

GT500,

thank you!

With heuristic do you mean Emsi capability of scanning software for suspect code/instructions?

Do you use,Emsi or BD heuristic?

Share this post


Link to post
Share on other sites

With heuristic do you mean Emsi capability of scanning software for suspect code/instructions?

Heuristics are essentially a way of detecting things that are not already known.

Do you use,Emsi or BD heuristic?

We have our own heuristic rules for our engine, and of course BitDefender has their own heuristic rules for their engine. Both engines are capable of heuristic detection.

Share this post


Link to post
Share on other sites

No, that would be something the Surf Protection would have to protect against, since they're just using subdomains on websites where they stole the login credentials to host malicious content.

Share this post


Link to post
Share on other sites

The Surf Protection uses a list of "Host Rules" (websites to be blocked), so essentially a blacklist.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.