mantra 1 Posted September 29, 2015 Share Posted September 29, 2015 (edited) Hi i'm running the last v8 built under windows 10 64bit pro may i ask 2 question about Live Grid ? 1) does eset download a white list "hashes" (live grid ) to detect safe programs ? 2) does all the version (v8 ,v7 ,v6) use the same Live Grid tecnology ? i read the manual , but there is nothing outside information about scanned files is verified against data from the cloud-based ESET Live Grid to improve detection and scanning speed what does it means ? that i need to internet connection active to use the live grid ? thanks Edited September 29, 2015 by mantra Link to comment Share on other sites More sharing options...
SweX 871 Posted September 29, 2015 Share Posted September 29, 2015 Hi mantra, The following information about LiveGrid does at least apply to V8 and V9..... ESET LiveGrid is an advanced early warning system comprised of several cloud-based technologies. It helps to detect emerging threats based on file and URL reputation and improves scanning performance by means of whitelisting. New threat information is streamed to the cloud in real-time, which enables the ESET Malware Research Lab to provide a timely response and consistent protection at all times. ESET malware researchers use the gathered information to construct an accurate snapshot of the nature and scope of global threats, which helps us to focus in on the right targets. The ESET LiveGrid reputation system improves the efficiency of ESET anti-malware solutions by comparing scanned files to a vast, cloud-based database of known objects. When an executable file or archive is being inspected on the user’s system, its hashtag is first compared against these white- and blacklisted items. If the inspected item appears on the whitelist, it is considered clean and is flagged to be excluded from future scans. If it is on the blacklist, appropriate actions are taken – based on the nature of the threat. Only when no match is found is the file in question scanned thoroughly. This approach has a significant positive impact on our products’ scanning performance. Previously unknown suspicious samples/objects are collected and automatically processed on our in-the-cloud backend systems (including sandboxing). If a sample proves to be malicious, automated signatures are generated and immediately pushed out to our customers. This mechanism allows for effective detection of emerging threats even before the regular signatures are delivered to users’ computer via our standard signature database update (which happens several times a day). Yes, LiveGrid is a "cloud service" so in order to take full advantage of LiveGrid and for data to be sent between your computer and LiveGrid one need to be connected to the internet. And have LiveGrid enabled in the product of course. Link to comment Share on other sites More sharing options...
itman 1,746 Posted September 29, 2015 Share Posted September 29, 2015 Previously unknown suspicious samples/objects are collected and automatically processed on our in-the-cloud backend systems (including sandboxing). Problem here is if it's cloaked malware some of which are sandbox aware, it could escape detection. The implication here is it is passes cloud and back-end scanning, the software will be whitelisted on your PC? Link to comment Share on other sites More sharing options...
rugk 397 Posted September 29, 2015 Share Posted September 29, 2015 (edited) Problem here is if it's cloaked malware some of which are sandbox aware, it could escape detection. You don't know what sandbox ESET uses and the malware (author [hopefully]) does not know this either. Additionally there could be multiple sandboxed used or the file could otherwise be analysed or processed before it's given to the sandbox. Basically many things could happen there. And I'm sure ESET makes it as hard as possible for the malware to get out that it's running in a sandbox. The implication here is it is passes cloud and back-end scanning, the software will be whitelisted on your PC? It would not be whitelisted - it just would not be detected. That means if there is a traditional signature it would still detect it. To get on the cloud whitelist a file must pass more criteria than a single test AFAIK. E.g. statistical things like how many users use it, how new the file is may play a role, but I think there are more factors, which ESET won't disclose - of course. BTW - I like this one: "its hashtag is first compared against these white- and blacklisted items" Hashtag? #maliciousfile Whoever wrote the help possibly just meant hash and not hashtag. Edited September 29, 2015 by rugk Link to comment Share on other sites More sharing options...
mantra 1 Posted September 30, 2015 Author Share Posted September 30, 2015 Hi mantra, The following information about LiveGrid does at least apply to V8 and V9..... Yes, LiveGrid is a "cloud service" so in order to take full advantage of LiveGrid and for data to be sent between your computer and LiveGrid one need to be connected to the internet. And have LiveGrid enabled in the product of course. thanks i have noticed that live grid works better in v8 then prev. version when did eset intruduce it ? i mean in version 4 ? thanks again Link to comment Share on other sites More sharing options...
ESET Moderators TomasP 318 Posted September 30, 2015 ESET Moderators Share Posted September 30, 2015 Hi, we have introduced ESET LiveGrid with our v5 Windows products. Link to comment Share on other sites More sharing options...
mantra 1 Posted September 30, 2015 Author Share Posted September 30, 2015 Hi, we have introduced ESET LiveGrid with our v5 Windows products. thanks! Link to comment Share on other sites More sharing options...
rugk 397 Posted September 30, 2015 Share Posted September 30, 2015 (edited) Interesting to know. However I don't know why this matters... Especially how do you get this conclusion? i have noticed that live grid works better in v8 then prev. version I think there weren't significantly changes and the new LiveGrid module is independent of the product versions (also appears in v8). Edited September 30, 2015 by rugk Link to comment Share on other sites More sharing options...
Administrators Marcos 5,259 Posted September 30, 2015 Administrators Share Posted September 30, 2015 i have noticed that live grid works better in v8 then prev. version I think there weren't significantly changes and the new LiveGrid module is independent of the product versions (also appears in v8). That's true. LiveGrid works the same way regardless of whether one has v5 or newer installed. Link to comment Share on other sites More sharing options...
mantra 1 Posted October 1, 2015 Author Share Posted October 1, 2015 Interesting to know. However I don't know why this matters... Especially how do you get this conclusion? i have noticed that live grid works better in v8 then prev. version I think there weren't significantly changes and the new LiveGrid module is independent of the product versions (also appears in v8). hi about https://forum.eset.com/topic/3296-is-smart-security-v6-100-compatible-with-w81-64bit/ update to v8 no more lags with the settings suggested by eset Link to comment Share on other sites More sharing options...
Recommended Posts