• ssm@lemmy.sdf.org
        link
        fedilink
        arrow-up
        23
        arrow-down
        4
        ·
        edit-2
        7 months ago

        “ClamAV is bad so instead of improving it I’m going to cuck to proprietary standards instead”

        I never said ClamAV was good or bad, nor was that the point.

          • Saik0@lemmy.saik0.com
            link
            fedilink
            English
            arrow-up
            4
            arrow-down
            1
            ·
            7 months ago

            The latter is beyond lacking in open source ecosystem

            And yet software like Wazuh (https://github.com/wazuh) exist… Which are complete SIEM and XDR platform. Which does more than any antivirus could ever dream to do. But somehow OSS security is lacking? Sounds like you haven’t looked at the security field seriously in decades. Kaspersky doesn’t lead the pack in anything and it isn’t in a “level field”. Quite the contrary Antivirus as a concept has been commodified in IT. They’re all generally drop in replacements for each other and are not what is actually used to prove to security auditors that systems are secure. You may get %1 detection differences between platforms or maybe an update 30 minutes or an hour earlier. This is generally meaningless and the modern tools actually used to prove security go way deeper than an antivirus.

            Lying to yourself is never going to solve problems.

            Seems to work for you though?

              • Saik0@lemmy.saik0.com
                link
                fedilink
                English
                arrow-up
                2
                arrow-down
                1
                ·
                edit-2
                7 months ago

                you would realise security even without the cloud is critical to protecting systems

                Wazuh, the software I specifically called out. Is not “cloud”. They offer a cloud service, yes (that’s how they make money, on lazy admins or orgs that are too small to house their own infra). But it is self-hosted and designed to be run within the network.

                You clearly have no idea what the current security market looks like. Nor what half of the terms you use actually mean.

                Edit: Forgot to address this too

                Virtualising every single system endpoint is practically impossible, which Wazuh seems to rely on.

                No. The agent can be installed on ANY system. They recommend you install the orchestration/control node virtualized, which you don’t have to do. You can install it on a raw system though that would be a huge waste of resources. You seem to have missed that.

            • corsicanguppy@lemmy.ca
              link
              fedilink
              arrow-up
              1
              ·
              7 months ago

              Was that what got my comment removed?

              My entire career is one counterexample to this after another. It’s not that I’ve seen different; I’ve only seen different.

              Or that?

              Now go fud someone else if you want your weekly bonus, comrade.

              It reminds me of a joke that ends in “I don’t know, and I don’t care”, but the setup seems so much more relevant.