Such product is susceptible to "pool pollution" attack and can be bypassed with clever social engineering. And for some static ML engines with low FPs in such test, one can easily trigger an FP by randomly padding zeroes and ones at the end of a benign file. On the other hand, if one product performs well in such FP test, it doesn't necessarily mean it is indeed low in FPs in real life.įor some "low FP" product in such test, one can easily make it generate an FP using simple tools and innocent code (like hello world). I personally tend to interpret the FP test in such 3rd party test as: if one product performs poorly in such FP test, it is indeed bad (and there is actually a sensible gap betwen 1~2 FPs and 4~5 FPs in such test when using the product in real life). But it also generates way more false positives. It blacklist threats very quickly with recent updates. MSE is indeed impressive with their new cloud system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |