Maybe defense ops maturity is a factor also. Does Tavis need AV in his Google Beyondcorp environment? Probably not. Do many of us need it to protect environments full of legacy and security compromises? Yes. At least maybe. Big difference in which AV also.
-
This Tweet is unavailable.
-
-
This Tweet is unavailable.
-
Windows defense is getting better at mitigations outside of traditional AV especially, for AV it doesnt do much though from the tests I've seen over the last few years. To you the trad-AV part of Defender works?
0 replies 0 retweets 0 likes -
This Tweet is unavailable.
-
I really think you're confused about what whitelisting is.
0 replies 0 retweets 2 likes -
This Tweet is unavailable.
-
You can entirely cover with just whitelisting, it's literally a list of things that are authorized. Antivirus is the opposite, a list of things that are not authorized or suspicious, all these things that you're talking about require unauthorized code execution.
2 replies 0 retweets 0 likes -
Replying to @taviso @infosecspy and
Entirely cover? If I remember right I've seen like at least 20 whitelisting bypasses from SubTee alone. Or are we talking different types of whitelisting here?
2 replies 0 retweets 1 like
How exactly are you going to run one of those bypasses? They require code execution first, which you don't have.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.