[Owasp-portland] Antivirus in the Enterprise - Is it dead yet?

Tim tim.morgan at owasp.org
Wed Nov 18 20:18:21 UTC 2015

Hi Hiep and Scott,

Here are the slides I used for my portion.  I don't have Tony's
updated slides so I'll let him respond with those.


Thanks for your perspective last night.  I know my argments cut
against security dogma and while I feel strongly that we need to
reexamine our use of many security products, I do want to attenuate my
assertions a little bit by saying this:  

If a security vendor adopts a strong "do no harm" ethic and policies,
implementing these by designing their own product to be very secure,
use the latest mitigation tools (compiler options, sandboxing) along
with regular security audits (code reviews, automated fuzzing, etc),
then I can see a place for these kind of products.  Currently, that's
*not* how most security products are developed (besides the examples I
gave, I've tested plenty of security products over the years and many
are awful).  I'm also skeptical that securely written security products
can survive in the market place, given the state of the industry, but
it is something we should strive for!

Best regards,

On Wed, Nov 18, 2015 at 06:06:52PM +0000, Hiep Dang wrote:
> Hi, all, thanks for the fun debate last night. There were some great points made. Would it be possible to share the slides that were presented? I'm very keen on hearing all of the concerns that people have on security products as it's my job to strive to make them better.
> Hiep Dang
> Director of Product Management
> hdang at cylance.com<mailto:hdang at cylance.com>
> 407-497-4437
> 1800 SW 1st Ave, Suite 100
> Portland, OR 97201

> --
> Owasp-portland mailing list
> https://lists.owasp.org/mailman/listinfo/owasp-portland
> A sincere thanks to our chapter supporters:
>   https://owasp.org/index.php/Portland#Chapter_Supporters

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PortlandOWASP_Nov2015_IsAntiVirusWorthIt.pdf
Type: application/pdf
Size: 47220 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-portland/attachments/20151118/4ea38c42/attachment-0001.pdf>

More information about the OWASP-portland mailing list