• ssm@lemmy.sdf.org
      link
      fedilink
      arrow-up
      25
      arrow-down
      5
      ·
      edit-2
      7 months ago

      “ClamAV is bad so instead of improving it I’m going to cuck to proprietary standards instead”

      I never said ClamAV was good or bad, nor was that the point.

        • Saik0@lemmy.saik0.com
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          1
          ·
          7 months ago

          The latter is beyond lacking in open source ecosystem

          And yet software like Wazuh (https://github.com/wazuh) exist… Which are complete SIEM and XDR platform. Which does more than any antivirus could ever dream to do. But somehow OSS security is lacking? Sounds like you haven’t looked at the security field seriously in decades. Kaspersky doesn’t lead the pack in anything and it isn’t in a “level field”. Quite the contrary Antivirus as a concept has been commodified in IT. They’re all generally drop in replacements for each other and are not what is actually used to prove to security auditors that systems are secure. You may get %1 detection differences between platforms or maybe an update 30 minutes or an hour earlier. This is generally meaningless and the modern tools actually used to prove security go way deeper than an antivirus.

          Lying to yourself is never going to solve problems.

          Seems to work for you though?

            • Saik0@lemmy.saik0.com
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              1
              ·
              edit-2
              7 months ago

              you would realise security even without the cloud is critical to protecting systems

              Wazuh, the software I specifically called out. Is not “cloud”. They offer a cloud service, yes (that’s how they make money, on lazy admins or orgs that are too small to house their own infra). But it is self-hosted and designed to be run within the network.

              You clearly have no idea what the current security market looks like. Nor what half of the terms you use actually mean.

              Edit: Forgot to address this too

              Virtualising every single system endpoint is practically impossible, which Wazuh seems to rely on.

              No. The agent can be installed on ANY system. They recommend you install the orchestration/control node virtualized, which you don’t have to do. You can install it on a raw system though that would be a huge waste of resources. You seem to have missed that.

          • corsicanguppy@lemmy.ca
            link
            fedilink
            arrow-up
            1
            ·
            7 months ago

            Was that what got my comment removed?

            My entire career is one counterexample to this after another. It’s not that I’ve seen different; I’ve only seen different.

            Or that?

            Now go fud someone else if you want your weekly bonus, comrade.

            It reminds me of a joke that ends in “I don’t know, and I don’t care”, but the setup seems so much more relevant.