Zero day threat
Created: 04 Mar 2013 | Updated: 07 Mar 2013 | 7 comments
This issue has been solved. See solution.
What is the zero day threat vernability in sonar?
Discussion Filed Under:
What is the zero day threat vernability in sonar?
Comments 7 Comments • Jump to latest comment
SONAR is a real-time protection that detects potentially malicious applications when they run on your computers. SONAR provides "zero-day" protection because it detects threats before traditional virus and spyware detection definitions have been created to address the threats.
SONAR uses heuristics as well as reputation data to detect emerging and unknown threats. SONAR provides an additional level of protection on your client computers and complements your existing Virus and Spyware Protection, intrusion prevention, and firewall protection.
SONAR uses a heuristics system that leverages Symantec's online intelligence network with proactive local monitoring on your client computers to detect emerging threats. SONAR also detects changes or behavior on your client computers that you should monitor.
About SONAR
http://www.symantec.com/business/support/index?page=content&id=HOWTO81392
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
SONAR uses heuristics or "behavioral analysis" to determine a potential threat. It will examine the file for malware like characteristics (opening backdoors, file injections, etc) so it will not rely on signature based file detections.
SEP Knowledge Base
Endpoint SWAT
Hi,
Please check About SONAR..
Re-Edit
Managing SONAR
Configuring TruScan proactive threat scan settings for legacy clients
About adjusting TruScan settings for legacy clients
Find the attach thread for your knowledge
https://www-secure.symantec.com/connect/forums/sep-121-sonar-definitions
https://www-secure.symantec.com/connect/forums/manually-update-sonar-definitions
https://www-secure.symantec.com/connect/forums/where-are-truscan-logs-sepm-12
Thank& Regards,
Ambesh
Please mark your thread as 'SOLVED' with the answer that helps you.
Hi,
Have you recieved your answer..
Thank& Regards,
Ambesh
Please mark your thread as 'SOLVED' with the answer that helps you.
Thanks Ashish and Brian for reply.
Ambesh- I think you have not read my question before repplying on it. My question is What is the zero day threat vernability?
Thanks.
You can find some more information here:
http://www.symantec.com/threatreport/topic.jsp?id=...
http://en.wikipedia.org/wiki/Zero-day_attack
Zero-Day Vulnerabilities
Zero-day vulnerabilities are vulnerabilities against which no vendor has released a patch. The absence of a patch for a zero-day vulnerability presents a threat to organizations and consumers alike, because in many cases these threats can evade purely signature-based detection until a patch is released. The unexpected nature of zero-day threats is a serious concern, especially because they may be used in targeted attacks and in the propagation of malicious code.
Zero-day vulnerabilities are a sub-set of the total number of vulnerabilities documented over the reporting period. A zero-day vulnerability is one that appears to have been exploited in the wild prior to being publicly known. It may not have been known to the affected vendor prior to exploitation and, at the time of the exploit activity, the vendor had not released a patch. The data for this section consists of the vulnerabilities that Symantec has identified that meet the above criteria.
Thanks Sebastian,
That is the actuall information which i required.
Thanks.
Would you like to reply?
Login or Register to post your comment.