Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 0 subscribers
  • Views 10867 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Behaviour detection

cyberjog

Hello, 

I believe, for performing behaviour based detection , there may not be any signatures , and most of the detection is based on 

husristics/scan  performed on the code/attachment etc.

Can anybody please provide  samples/examples of behaviour based malware.

Deployement of Sophos engine would be in a security gateway .

:17799


This thread was automatically locked due to age.
Parents
  • 0

    Thanks for rephrasing :smileyhappy:

    The Behavioral Genotype Protection article was written in 2006 as you can see, I'd call it a marketing buzzword (no insult intended - but see the SophosLabs™ , a techie would never use this ™ :smileywink:) and nowadays there's Sophos Genotype®  and Behavioral Genotype® Protection . Anyway this is not a configurable addition or only available under certain conditions but part of the scanning engine. Though neither the Web nor the Endpoint Security datasheets still mention Genotype but the Email Security does :smileyhappy:

    As for web traffic - this usually means HTTP(S) traffic and there are no "attachments", email attachments will be scanned in both directions and I guess uploads as well.

    Christian

    :17857
Reply
  • 0

    Thanks for rephrasing :smileyhappy:

    The Behavioral Genotype Protection article was written in 2006 as you can see, I'd call it a marketing buzzword (no insult intended - but see the SophosLabs™ , a techie would never use this ™ :smileywink:) and nowadays there's Sophos Genotype®  and Behavioral Genotype® Protection . Anyway this is not a configurable addition or only available under certain conditions but part of the scanning engine. Though neither the Web nor the Endpoint Security datasheets still mention Genotype but the Email Security does :smileyhappy:

    As for web traffic - this usually means HTTP(S) traffic and there are no "attachments", email attachments will be scanned in both directions and I guess uploads as well.

    Christian

    :17857
Children
No Data
Unfiltered HTML