Since Software Analyzer is becoming a part of avast!, I have a few questions regarding it. I’ve already tested it and I know firsthand it’s brutally effective. But I’m already thinking for the future…
How flexible is Software Analyzer, can its rulesets be updated using streaming or VPS updates or only as program update?
Is the avast! team already planning on enhancing it further with new “sensors” and expanded rules?
Any plans to combine CyberCapture and Software Analyzer capabilities?
Is Software Analyzer giving CyberCapture very much-needed flexibility when it comes to infection vectors other than web (like it is now)?
I just want to learn more about Software Analyzer because it’s an amazing piece of technology with results I can already see today and I really don’t want it to stagnate, I want it to become even more powerful than it already is.
The Software Analyzer rules are in the VPS. Streaming updates… well, some detections delivered via streaming updates already are used by Software Analyzer. Whether some other related stuff would be delivered via streaming updates in the future - definitely can happen, but hard to say anything specific right now.
Right now, we’re still quite busy with the actual integration, but I’m quite sure enhancements will happen.
Now that I’m thinking, it’s really not necessary to deliver updates for it via streaming updates; regular VPS would be more than frequent enough. I mean, the whole point of Software Analyzer is to operate as efficiently as possible without any updates. But it is nice if you guys can update it on the fly for emerging threats that might be hard to cover with signatures, but easy using the behavior blocker.
I really hope it will help in protection though, better than Avast NG or even DeepScreen, which can be bypassed just by malware coded to run its malicious stuff after 20+ seconds.