
Zero day threat

Created: 04 Mar 2013 • Updated: 07 Mar 2013 | 7 comments
This issue has been solved. See solution.

What is the zero-day threat vulnerability in SONAR?


Ashish-Sharma's picture

 

SONAR is a real-time protection that detects potentially malicious applications when they run on your computers. SONAR provides "zero-day" protection because it detects threats before traditional virus and spyware detection definitions have been created to address the threats.

SONAR uses heuristics as well as reputation data to detect emerging and unknown threats. SONAR provides an additional level of protection on your client computers and complements your existing Virus and Spyware Protection, intrusion prevention, and firewall protection.

SONAR uses a heuristics system that leverages Symantec's online intelligence network with proactive local monitoring on your client computers to detect emerging threats. SONAR also detects changes or behavior on your client computers that you should monitor.

About SONAR

http://www.symantec.com/business/support/index?page=content&id=HOWTO81392

Thanks In Advance

Ashish Sharma

 

 

.Brian's picture

SONAR uses heuristics or "behavioral analysis" to determine a potential threat. It will examine the file for malware-like characteristics (opening backdoors, file injections, etc.), so it will not rely on signature-based file detections.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Ambesh_444's picture

 

Hi,

Please check About SONAR.

Article: HOWTO81392 | Created: 2012-10-25 | Updated: 2012-10-27 | Article URL: http://www.symantec.com/docs/HOWTO81392

Re-Edit

Managing SONAR

Article: HOWTO55215 | Created: 2011-06-29 | Updated: 2011-12-17 | Article URL: http://www.symantec.com/docs/HOWTO55215

Configuring TruScan proactive threat scan settings for legacy clients

Article: HOWTO55255 | Created: 2011-06-29 | Updated: 2011-12-17 | Article URL: http://www.symantec.com/docs/HOWTO55255

About adjusting TruScan settings for legacy clients

Article: HOWTO55257 | Created: 2011-06-29 | Updated: 2011-12-17 | Article URL: http://www.symantec.com/docs/HOWTO55257

Find the attached threads for your knowledge:

https://www-secure.symantec.com/connect/forums/sep-121-sonar-definitions

https://www-secure.symantec.com/connect/forums/manually-update-sonar-definitions

https://www-secure.symantec.com/connect/forums/where-are-truscan-logs-sepm-12

 

Thanks & Regards,

Ambesh

"Your satisfaction is very important to us. If you find the above information helpful or it has resolved your issue, please don't forget to mark the thread as solved."

Ambesh_444's picture

Hi,

Have you received your answer?

Thanks & Regards,

Ambesh


consoleadmin's picture

Thanks, Ashish and Brian, for the reply.

Ambesh - I think you have not read my question before replying to it. My question is: what is the zero-day threat vulnerability?

Thanks.

SebastianZ's picture

You can find some more information here:

http://www.symantec.com/threatreport/topic.jsp?id=...

http://en.wikipedia.org/wiki/Zero-day_attack

 

Zero-Day Vulnerabilities

Background

Zero-day vulnerabilities are vulnerabilities against which no vendor has released a patch. The absence of a patch for a zero-day vulnerability presents a threat to organizations and consumers alike, because in many cases these threats can evade purely signature-based detection until a patch is released. The unexpected nature of zero-day threats is a serious concern, especially because they may be used in targeted attacks and in the propagation of malicious code.

Methodology

Zero-day vulnerabilities are a subset of the total number of vulnerabilities documented over the reporting period. A zero-day vulnerability is one that appears to have been exploited in the wild prior to being publicly known. It may not have been known to the affected vendor prior to exploitation and, at the time of the exploit activity, the vendor had not released a patch. The data for this section consists of the vulnerabilities that Symantec has identified that meet the above criteria.

 

SOLUTION
consoleadmin's picture

 

Thanks Sebastian,

That is the actual information which I required.

Thanks.