by ymck
704 days ago
There are a number of OSS EDRs. They all suck. DAT-style content updates and signature-based prevention are very archaic. Directly loading content into memory and a hard-coded list of threats? I was honestly shocked that CS was still doing DAT-style updates in an age of ML and real-time threat feeds. There are a number of vendors who've offered it for almost a decade. We use one. We have to run updates a couple of times a year. SMH. The 90's want their endpoint tech back.