How to cure yourself of antivirus side effects @ReveeliumBlog
According to a report released in 2014 by Software Advice, 30% of security experts believe that the
idea that antiviruses are becoming obsolete, given today’s mutating threats, is severely underrated.
However, despite this clearly voiced concern, the popular belief still remains that networks are fully
protected with up-to-date antivirus software. Contrary to what the name itself might suggest, there are
serious limitations to what it is capable of doing. As in the case of every unfortunate medical
prescription, “curing” security with a cost-efficient, yet ineffective solution can lead to undesired side-
effects.
But let us take one step back and examine things more closely. An antivirus can protect your PC from the
moment the system is launched until it is turned off. The real issue here is the extent to which it can
expand this protection, which is restricted to the perimeter of its signature database. You might ask
yourself: “How does this affect me?” If you paid
enough attention to our previous article (see here), you will know by now that cyber-threats are
continuously evolving, faster than any antivirus is capable of adapting to. In other words, you can only be
inoculated against known viruses; otherwise, the antivirus “shot” you so determinedly administer to
your information system will only give you a false sense of security. Not being able to ensure protection
against attacks that are especially targeted and coded, foreign to the existing signature virus database,
renders all scans null.
The problem, as with all virus outbreaks, is that a cyber-threat can only be officially identified by
antivirus vendors once it has already successfully infected several entities and spread unnoticed
among the masses. That is, until someone finally takes notice of its presence and alerts software
suppliers, proving once more that the process has its flaws. In this case, other methods employed by
antivirus vendors come to the surface. A sandbox, for instance, is a container used by
antiviruses, placed around a running application, ensuring none of the mess inside gets spread
throughout the “playground”. It is the quarantine meant to prevent untrustworthy applications from
jeopardizing the integrity of your operating system.
Then there is also heuristic analysis, the equivalent of experimental treatment in cybersecurity.
Basically, the programming commands of a suspiciously behaving program are executed within a
specialized VM (virtual machine), which is an environment that simulates a completely separate
computer from the real-world machine. It then proceeds to play out the scenario of what
repercussions that particular file may have. If viral activities are detected, the user receives a message
alerting him or her to its potentially unsafe nature.
Yet, these approaches also have their drawbacks. Being based on the comparison of suspicious
programs with the code of already-known viruses, the likelihood of overlooking newly concocted ones
is quite high. This is even more the case when confronted with APTs, malicious behaviors, morphing
viruses, phishing and other malware & user actions, which elude or circumvent traditional or basic
security measures. These new threats trigger the dire necessity of a new security paradigm.
Luckily, these attacks often leave behind signs of their passing, much like the symptoms before
catching the flu. If we were to pay enough attention to these signals, however weak, and
catch on to them beforehand, we might just be able to put a stop to the threat before it becomes a
full-blown epidemic. But when it comes to identifying weak signals that are hidden in massive amounts of
data, current tools don’t stand a chance. Given how security tools cannot be as selective and, more
often than not, hand over potential anomalies to human judgment, analysts everywhere are
overwhelmed. As such, ITrust proposes the Reveelium solution, developed to cure this issue by
analyzing billions of system events and logs, in real time, on a daily basis, and to identify occurring
anomalies in a system’s behavior, determining at the same time which ones are most likely to pose
security threats.
Reveelium is meant to bridge the intelligence gap that antiviruses are confronted with and to cure all
side-effects, bringing detection times down from a typical 12 months to 1 week and reducing false
positives by 95%. It can identify the symptoms of all malicious behaviors through its automated
anomaly detection system, built as a 3D technology comprising: a weak signal detection engine, the
result of extensive research into mathematical algorithms (1); a correlation engine, based on the
experience of system engineers and security consultants (2); and a global knowledge base, Reveelium’s
experience repository, which collects, abstracts and shares the behaviors identified across Reveelium
users (3).
Link:
https://www.reveelium.com/en/antivirus-disadvantages/