Dickepa 0 Posted November 3, 2017 Share Posted November 3, 2017 Hi I read recently that most av programs ignore signed applications when scanning! Is this true for Eset products or can we relax? Here's the paper Measuring the Breaches of Trusted signed Malware Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted November 3, 2017 Administrators Share Posted November 3, 2017 That doesn't hold true for ESET. Such files would need to have a valid Microsoft signature for instance in order not to be scanned. Link to comment Share on other sites More sharing options...
itman 1,659 Posted November 3, 2017 Share Posted November 3, 2017 I don't believe most AV scan engines ignore signed software per se. Malware authors employing stolen valid certs. has existed for years. However, some security solutions have components such as behavior monitor or HIPS than can be configured to allow Trusted Publishers and the like. Also code signing is more a factor in their reputational scanning feature than in realtime scanning in most AV products. Link to comment Share on other sites More sharing options...
Recommended Posts