- Audit your products: source code reviews & fuzzing.
  - No, AV Comparatives and the like are not even remotely close to this.
  - Running a Bug Bounty, like Avast, is a very good idea too.
  - Internal code audits are good. Third-party ones are awesome.
- Do not use the highest privileges possible for scanning network packets, files, etc.
  - You don't need to be root/system to scan a network packet or a file.
  - You only need root/system to get the contents of that packet or file.
  - Send the network packet or file contents to another, low-privileged or sandboxed process.
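
The split described in the last recommendation, as an added example (not code from this gist or from any AV product): the privileged side only moves bytes, and a forked worker drops to an unprivileged identity before parsing them. It assumes a POSIX host where uid/gid 65534 is `nobody`; `scan_isolated`, `_worker`, `_scan` and the signature are hypothetical names and constructed values.

```python
import os
import resource
import socket

SIGNATURE = b"CONSTRUCTED-TEST-MARKER"  # constructed sample, not a real signature
UNPRIV_ID = 65534                       # assumption: uid/gid of "nobody"

def _scan(data: bytes) -> bytes:
    """Stand-in for the complex parser/engine that handles untrusted bytes."""
    if data.startswith(b"BOOM"):        # constructed input that "crashes" it
        raise ValueError("simulated parser bug")
    return b"INFECTED" if SIGNATURE in data else b"CLEAN"

def _worker(sock: socket.socket) -> None:
    """Child: shed privileges and resources before touching the input."""
    if os.geteuid() == 0:               # started as root: drop identity first
        os.setgroups([])
        os.setgid(UNPRIV_ID)
        os.setuid(UNPRIV_ID)
    resource.setrlimit(resource.RLIMIT_CPU, (2, 2))    # bound scan time
    resource.setrlimit(resource.RLIMIT_FSIZE, (0, 0))  # no file writes
    os.closerange(3, sock.fileno())     # keep stdio and the socket, nothing else
    os.closerange(sock.fileno() + 1, 1024)
    data = sock.makefile("rb").read()   # read until the parent shuts down
    sock.sendall(_scan(data))

def scan_isolated(data: bytes) -> str:
    """Privileged side: moves bytes to the worker, never parses them."""
    parent, child = socket.socketpair()
    pid = os.fork()
    if pid == 0:
        try:
            parent.close()
            _worker(child)
            os._exit(0)
        except BaseException:
            os._exit(1)
    child.close()
    try:
        with parent:
            parent.sendall(data)
            parent.shutdown(socket.SHUT_WR)
            verdict = parent.recv(16)
    except OSError:
        verdict = b""
    _, status = os.waitpid(pid, 0)
    if status != 0 or verdict not in (b"CLEAN", b"INFECTED"):
        return "ERROR"                  # worker died: fail closed, not "clean"
    return verdict.decode()
```

A worker that crashes or returns anything unexpected yields `ERROR`, so a parser bug in the low-privileged process cannot turn into a "clean" verdict or run with the broker's privileges.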
Last active
December 30, 2024 09:47
Recommendations for AV companies