Kaspersky Internet Security: Network Attack Blocker Design Flaw (code.google.com)
40 points by luu on Oct 10, 2015 | 8 comments



We use Kaspersky Endpoint Security at our location. By my count, this is the third flaw found with Kaspersky in the last 30 days.

The reasons for choosing Kaspersky were the great reputation and the admin console.

Any other suggestions for protecting a mix of Windows workstations and servers?


>The reasons for choosing Kaspersky were the great reputation and the admin console.

>Any other suggestions for protecting a mix of Windows workstations and servers?

I don't understand your line of thinking. Why choose something else when Google's working hard on making sure Kaspersky works properly? It's not like any other solution you pick will be bug-free. At least now, after Google's hard work and heavy 'tire-kicking', you can be safer that major bugs in Kaspersky are being taken care of.


Tavis' work isn't enough to significantly improve the quality of any of these "security" products -- that would take a big investment that isn't really feasible for a third-party. Honestly, he's just demonstrating that these products are all littered with trivially found and exploited vulnerabilities, and that they generally make their users less safe.

Microsoft Defender is the only product that Tavis didn't repeatedly knock over in a matter of days. If I were to venture a guess as to why, I'd say that Microsoft's incentives are more in line with their users here. They understand secure development process and aren't selling Defender. So, they're starting from a better security baseline and have no reason to add tons of attack surface in the name of market differentiators.


Look into Bromium for a malware isolation solution. Detection is obsolete given the number of zero days exploited in the recent past.


>Detection is obsolete given the number of zero days exploited in the recent past

Not in the majority of the cases. Widespread attacks from botnets very rarely use zero days. Unless your company is special enough to be targeted, most of your attacks will not be zero days.


Bromium has one of the best security platforms out there and one of the worst sales/marketing teams in the industry. More people should know they are out there.


We have recently selected Sophos for endpoint protection, and so far it has been working great. Its admin console is a SaaS with a very decent interface.

But to be honest I'm not sure how good Sophos is under the hood, either. They have a good reputation, but we have only been running it for a short while.


I would seriously take a look at Eset (www.eset.com), and while I know Symantec had a really poor reputation, their stuff seems a bit more solid these days. Check out av-test.org or av-comparatives for more info.



