Poor business decisions can be very costly, especially in cybersecurity, where so-called false positives can have very damaging consequences.
Search results for: "false positive"
The key to beating hackers might not just lie in stronger security measures and ‘unbreakable’ passwords. Now, it seems like an element of trickery is required – almost beating hackers at their own game. Two independent security researchers have developed a system which they call ‘Honey Encryption’, which promises to make it harder for hackers
All this is potentially frightening and inconvenient (or worse) for a home user. And if it happens in a corporate environment, it can be very, very expensive to remedy. So while some of the public comments we see in the wake of such incidents may seem over the top, "FP rage" is certainly understandable.
Security researchers work together and share information in many ways and in many contexts that aren't constrained by company boundaries, but it's unusual for security researchers working for different vendors to join forces in a company blog. However, John Leyden of The Register contacted us both when he was writing an article on the controversy following
The anti-malware industry isn’t a suitable environment for the thin-skinned. We get used to receiving “more kicks than ha’pence” (see http://www.virusbtn.com/spambulletin/archive/2006/11/vb200611-OK).. In particular, I’ve grown accustomed to the fact that many people expect all the following from an AV product: Absolute Protection Absolute Convenience Absolutely no False Positives Absolutely no charge False positives (FPs) are
False positives. Every anti-malware vendor’s worst nightmare. The European publisher Heise, apparently recently reinvented as The H, has pointed out that both GData and Bitdefender were inaccurately flagging winlogon.exe as Trojan.Generic.1423603. In case you were wondering, this doesn’t mean the whole anti-malware industry has gone mad: GData’s product uses two engines, one of which is
Retrospective or "frozen" testing involves testing the ability of one or more products to detect threats proactively, using techniques such as advanced heuristics rather than signature detection.
We’re quite proud of our record of low false positive rates, despite the occasional slip-up (all AV scanners have them: it’s an unfortunate fact of life, but we like to think that our usefulness in detecting real malware outweighs them in the long term). However, I’ve just been advised by our friends at Sophos (yes,
Many American homes have a false sense of security when it comes to their devices and networks – their digital doors could do with better protection.
Lenovo's installation of a security-breaking app called Superfish on some computers has customers justifiably angry, but some folks are now unnecessarily confused by false positive detection.
Could Myris bring eye‑scanning to the mainstream? Mouse‑sized dongle offers better security than fingerprints, makers claim
A tiny new iris-scanner which plugs into smart devices and PCs could eradicate the need for passwords entirely - and it offers a far higher level of security than fingerprint scanners, with a ‘false positive’ chance of just 1 in 2.25 trillion.
Symantec's transient false positive detection of Facebook as a malicious site leads to serious thoughts about Facebook and privacy...
At the last AMTSO workshop in Munich, a guidelines document on False Positive (FP) testing was approved, and is now available on the AMTSO documents page.
After being targeted by an Android DDoS app, ESET seized the opportunity to analyze the attack and to help put an end to it
It’s prudent to get a security solution for your device, but a test by AV-Comparatives shows why you need to choose judiciously
ESET researchers discovered a set of previously undocumented Linux malware families based on OpenSSH. In the white paper, “The Dark Side of the ForSSHe”, they release analysis of 21 malware families to improve the prevention, detection and remediation of such threats
ESET’s analysis of a recent backdoor used by TeleBots – the group behind the massive NotPetya ransomware outbreak – uncovers strong code similarities to the Industroyer main backdoor, revealing a rumored connection that was not previously proven
Taking advantage of the celebration of the Day of the Programmer, we share some audit tools to evaluate the security of your code
An interview with ESET’s Lukáš Štefanko on the thin line between what deserves the name “security app” and what can be called fake.
A closer look at Anti-Malware tests and the sometimes unreliable nature of the process.