IDS mailing list archives

Re: HIPS Comparative ?

From: Stefano Zanero <s.zanero () securenetwork it>
Date: Sat, 01 Dec 2007 14:06:18 +0100

Albert R. Campa wrote:

SC mag did a product test on various HIPS agents. Also see if you can
get your hands on some Gartner documentation.
http://www.scmagazineus.com/Anti-malware-management-2007/GroupTest/31/


Am I the only one that finds the equation HIPS = anti-malware a bit biased ?

Anti-malware is just a fraction of what an HIPS should do, and it's the
part which is similar to what antiviruses already do. In fact, many of
those products have little difference from your common antivirus suite.

An HID/PS on the other hand should be broader, encompassing also
detection of attack activities that have nothing to do with malware
being deployed in a drive-by fashion.

Stefano


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------

Current thread:

Re: HIPS Comparative ? Stefano Zanero (Dec 03)
- RE: HIPS Comparative ? Marc Maiffret (Dec 05)
- <Possible follow-ups>
- Re: HIPS Comparative ? Javier Reyna Padilla (Dec 07)