Threat Alerts idea

Discussion in 'Prevx Releases' started by StevieO, Jul 25, 2009.

Thread Status:
Not open for further replies.
  1. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    Would it be possible to code into Prevx a way to automatically send any and all detects directly to central command. This could potentially save you and us a lot of time in eliminating FP's, and confirming real nasties as well ?

    Maybe as an intermediate upgrade before the next version. If not in the next.
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    We already have this data and we also know what will cause a false positive before it happens, therefore, we prevent any high volume false positives immediately. You managed to catch the last FP just a couple minutes after it was changed automatically into being malicious (which is part of the reason why we try and respond as quickly as possible - the faster we fix FPs, the less of a headache they are :))

    We also have a view of what files users are reporting as FPs but it is quite shocking how obvious it is when malware authors are trying to game our system to automatically report FPs... we have some actually malicious samples reported thousands of times every day from a wide range of computers :doubt: Apparently they don't understand how our systems work :D
     
  3. StevieO

    StevieO Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    1,067
    " we also know what will cause a false positive before it happens "

    Aha, the secrets out at last, you're Psychic lol.

    Jeez, those baddies, they'll stop at almost nothing. Probably paying 1 cent per send to the same people who do do live dodgy captchas on the fly too !
     
  4. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Haha :D If I was psychic I wouldn't be working on the weekend :shifty:
     
Thread Status:
Not open for further replies.