However, as you mentioned, this generally requires us to update the database of known bad websites so can sometimes be a bit slow and maybe the file does get downloaded. In this situation, our Web Protection is very good at blocking malicious websites. You generally have to download the virus from somewhere. To explain a bit more, here's a typical flow: If we can stop the infection from getting to the computer in the first place, then the rootkit can't get to a point where it can bypass detection. While rootkits are designed to bypass a lot of AV, this is why we rely on our multi-layer protection. We are continuously improving the logic though. We've had machine learning and heuristic for a year now, if not longer.
0 Comments
Leave a Reply. |