Question regarding reputation based alerts

Discussion in 'ESET NOD32 Antivirus' started by NiklasSchmidt, Aug 7, 2012.

Thread Status:
Not open for further replies.
  1. NiklasSchmidt

    NiklasSchmidt Registered Member

    Joined:
    Aug 7, 2012
    Posts:
    2
    Location:
    Germany
    Hey,

    We are looking to protect our network against possible APT threats and one of the best solutions we could find is reputation based protection. In order to achieve maximum effectiveness, we would prefer that the product will alert the end-user in our organization when a suspicious file is detected on his PC, based on file reputation.

    Currently as far as I know, nothing is said about when it alerts me if a suspicious file (low reputation) is found on my system.

    I would like to know if NOD32 or any other ESET product already includes this feature (reputation based alerts). If not, how long before it becomes available for users?


    Thanks,

    Niklas
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Assessing harmlessness of files based solely on reputation would lead to myriads of false positives. There are many other smart ways how to determine if a file is benign or if it poses a threat; reputation can be used only as an auxiliary parameter in certain cases.
     
  3. NiklasSchmidt

    NiklasSchmidt Registered Member

    Joined:
    Aug 7, 2012
    Posts:
    2
    Location:
    Germany
    OK, thanks for the answer. I know false-positives are a big issue but still I am looking for an AV product that can alert me based on file reputation. If settings enable me to choose the level of RBP sensitivity, that will be even better..

    So, I take it ESET basically doesn't provide these kind of RBP alerts in their products today?

    Thanks
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    ESET will never use any approach that will dramatically increase the number of false positives; we've always striven for achieving high detection rates with false positives cut to the bare minimum using smart techniques. So the answer is no if you're looking for a solution triggering alerts based solely on reputation. However, reputation of running processes and selected files can be checked on demand.
     
    Last edited: Aug 8, 2012
  5. corneliusd

    corneliusd Registered Member

    Joined:
    Aug 30, 2012
    Posts:
    1
    Location:
    USA
    Marcos,

    I really appreciate ESET's stance on this. The company I work for has standardized on a different A/V tool and their reputation scan is brutal in that it instantly deletes applications if that file is not in their database. Being a software developer of multiple small custom projects, this is extremely frustrating. Finally, I had to exclude my entire development drive just so I could function.

    I've used Nod32 on my home computers for years and will do what I can to get ESET implemented at my job as well. You guys are great!
     
Thread Status:
Not open for further replies.