pallino

Emsi anti-exploit

Recommended Posts

That is the same question as the file-less infection one. No, we do not provide anti-exploit capabilities. We do protect from the payload these exploits drop, but we do not attempt to mitigate the exploit itself.

Share this post


Link to post
Share on other sites

...similar since it was specific about file-less infections.

I hoped BB would protect somehow from exploits.

Are you thinking at adding some anti-exploit features in the future (alone or, maybe through acquisition/merge with others? :-) )?

Share this post


Link to post
Share on other sites

The problem is that a significant portion of our users expect EAM to run alongside other AVs, which often already implement exploit mitigation features. Multiple exploit mitigations will ultimately clash in many cases. If you ever tried to run MBAE alongside EMET you know what I am talking about. So we will do it only if we can somehow maintain compatibility with other AVs.

Share this post


Link to post
Share on other sites

Why should someone need/want to use Emsi with other AV?

The day Emsi will have a anti-exploit users will have no reason to install other solutions....and if this will not allow to run Emsi alongside other AV, probably, even better...or? :-)

Share this post


Link to post
Share on other sites

Some people use EAM for its antimalware capabilities to support other AVs with poor AM detection (i.e. Kaspersky). So compability is important IMO.

Share this post


Link to post
Share on other sites

Why should someone need/want to use Emsi with other AV?

The day Emsi will have a anti-exploit users will have no reason to install other solutions....and if this will not allow to run Emsi alongside other AV, probably, even better...or? :-)

 

You keep asking the same question and getting the same answer.  I would suggest putting it to rest and relax.  You are protected.

Share this post


Link to post
Share on other sites

I don t want to start a discussion about this but I don't agree

if I didn't ask, I and others wouldn't know that Emai does not detect filess infections at all in realtime, that an anti-exploit is a must, that Emsi is used by many to add security to ather AV...etc...only with curiosity and questions/good answers you learn and improve.

:-)

Now I rest and relax. :-)

Share this post


Link to post
Share on other sites

Of course, I m sure all this is all easily and quicly available on the internet. I lost a lot of time to find this out, e.g on Wilders where there is a long discussion about if filess infectiond are detected or not by some products...I saw many many people confused or with wrong ideas.

I doubt many people knew and know that Emsi as other programs cannot, as you said, as of now detect in realtime filess infections.

Anyway I know more now, I'm happy and safer and happy to think I could help other people to find many clear answers only on one page..

thanks

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.