By Kelly Jackson Higgins
An independent test of advanced threat detection products demonstrates how they could be bypassed by attackers.
Some of the top advanced threat detection products failed to catch custom-written malware samples posing as targeted attacks in an independent lab study.
Researchers from the Laboratory of Cryptography and System Security (CrySyS) Lab and MRG Effitas teamed up to test five "well-established" advanced threat detection appliances to see just how effective these technologies are in spotting unknown threats. The goal of the tests was not to determine the detection rates of the products, but rather to see whether the researchers could bypass them. The researchers did not reveal the names of the products.
One of the four custom samples written by the researchers snuck past all five of the products, while another bypassed three of them. The two most basic samples were detected by all five of the products, but in some cases they registered only a low-severity alarm.