Jump to content

AV Evasion


Dickepa
 Share

Recommended Posts

  • Administrators

That doesn't hold true for ESET. Such files would need to have a valid Microsoft signature for instance in order not to be scanned.

Link to comment
Share on other sites

I don't believe most AV scan engines ignore signed software per se. Malware authors employing stolen valid certs. has existed for years. However, some security solutions have components such as behavior monitor or HIPS than can be configured to allow Trusted Publishers and the like. Also code signing is more a factor in their reputational scanning feature than in realtime scanning in most AV products.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...