Customer-driven anti-malware signatures

John Alexander Lockheed Martin

Has the time come for anti-malware vendors to allow customers to write their own anti-malware signatures? Anti-malware vendors typically consider the technical details of their scan engines and their associate signatures to be proprietary. Perhaps the time has come for more technical transparency and collaboration between vendors and their customers. Increasingly, cases are being made to allow customers to leverage the decomposition and inspection power of anti-malware tools for private means. Security practitioners are able to write their own signatures for most security products except anti-malware. Perhaps customers could innovate new signatures that anti-malware vendors with a global perspective might be risk adverse to attempt. We have already seen this work well with particular product-specific configuration within certain anti-malware products; why not signatures too? This paper will be a discussion of some of those business cases, customer challenges, how the anti-malware industry might be able to help solve these problems, and perhaps start a broader industry discussion.



twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.