Contents contributed and discussions participated by Graham Perrin - Sourcefire and more

Immunet Corporation Privacy Policy - 1 views

www.immunet.com/...index.html

2010 2010-06 2010-06-19 Immunet Protect privacy

shared by Graham Perrin on 20 Jun 10 - Cached

Graham Perrin liked it

Immunet Corporation Privacy Policy
...

Cancel
and those files which you attempt to execute (also known as Application Files)
...

Cancel
new files that appear on your computer
- Graham Perrin on 20 Jun 10
  
  Only new files that are executable? Or a broader range of file types?
  
  <div class="cArrow"> </div><div class="cContentInner">Only new files that are executable? Or a broader range of file types?</div>
  
  ...
  
  Cancel
...

Cancel
...1 more annotation...
We limit our collection to executable files
- Graham Perrin on 20 Jun 10
  
  This seems to contract http://community.immunet.com/immunet/topics/how_are_macro_viruses_detected_and_how_to_remove#reply_2160091 where it's suggested that non-executable Microsoft Office binary files may be collected.
  
  <div class="cArrow"> </div><div class="cContentInner">This seems to contract <a href="http://community.immunet.com/immunet/topics/how_are_macro_viruses_detected_and_how_to_remove#reply_2160091" rel="nofollow" target="_blank">http://community.immunet.com/immunet/topics/how_are_macro_viruses_detected_and_how_to_remove#reply_2160091</a> where it's suggested that non-executable Microsoft Office binary files may be collected. </div>
  
  ...
  
  Cancel
...

Cancel

Cloud security upstart Immunet aims for antiviruses | The Download Blog - Download.com - 0 views

download.cnet.com/8301-2007_4-20007995-12.html

2010 2010-06 2010-06-19 Immunet Protect

shared by Graham Perrin on 20 Jun 10 - Cached

June 17, 2010
...

Cancel
Cloud security upstart Immunet aims for antiviruses
...

Cancel
Seth Rosenblatt
...

Cancel
...9 more annotations...
lightweight
...

Cancel
enhance already-installed protection
...

Cancel
energy spent on protecting users from threats they'll never encounter
...

Cancel
Huger explained ETHOS as, "a broadbased cache engine, basically a heuristics engine."
...

Cancel
Immunet's community-based cloud detection system, Collective Immunity, is different from several of its competitor's
...

Cancel
not defaulting out to DNS like Artemis
- Graham Perrin on 20 Jun 10
  
  ?
  
  <div class="cArrow"> </div><div class="cContentInner">?</div>
  
  ...
  
  Cancel
...

Cancel
referring to McAfee's network
...

Cancel
attention paid to user-support issues
...

Cancel
free 24/7 telephone support
...

Cancel

Graham Perrin on 20 Jun 10

referred from http://blog.immunet.com/blog/2010/6/17/immunet-protect-20-now-available.html

<div class="cArrow"> </div><div class="cContentInner">referred from <a href="http://blog.immunet.com/blog/2010/6/17/immunet-protect-20-now-available.html" rel="nofollow" target="_blank">http://blog.immunet.com/blog/2010/6/17/immunet-protect-20-now-available.html</a></div>

...

Cancel

This Diigo group is now public - 0 views

started by Graham Perrin on 20 Jun 10 no follow-up yet

#1 Graham Perrin on 20 Jun 10

The group was initially private, as it contained bookmarks relating to beta (but publicly available) web pages.

Around a day later things went live/public (beta.immunet.com pages now redirect to www.immunet.com) so I'm making the group public.

...

Cancel

Immunet Blog - Immunet Protect 2.0 now available! - 1 views

blog.immunet.com/...-protect-20-now-available.html

2010 2010-06 2010-06-19 Immunet Protect

shared by Graham Perrin on 20 Jun 10 - Cached

Immunet Protect 2.0 now available!
...

Cancel
June 17, 2010
...

Cancel
Oliver Friedrichs
...

Cancel
...4 more annotations...
two year anniversary
...

Cancel
huge milestone for the team
...

Cancel
CNET’s download.com will be offering Immunet Protect Plus 2.0 for free
...

Cancel
through TrialPay when you take advantage of a third party offer
...

Cancel

Software Assurance Malware Attribution Working Group Activities - 0 views

buildsecurityin.us-cert.gov/...malact.html

2010 2010-06 2010-06-16 convention (norm)

shared by Graham Perrin on 16 Jun 10 - No Cached

Malware Working Group
...

Cancel
Accomplishments
...

Cancel
products that can be leveraged
...

Cancel
...11 more annotations...
organizations that can be potential partners
...

Cancel
Malware Attribute Enumeration and Characterization (MAEC)
...

Cancel
Planned activities
...

Cancel
initial release of MAEC
...

Cancel
development of MAEC
...

Cancel
dynamic malware analysis engines (i.e. sandboxes)
...

Cancel
Introduction to Malware Attribute Enumeration and Characterization (MAEC)
- Graham Perrin on 16 Jun 10
  
  AbstractMalware represents one of the most prevalent threats to cyber security and is increasingly able to circumvent previously standardized detection, mitigation, and characterization techniques. Although new methods for combating malware have been developed, it is still difficult to communicate and share useful information garnered through these techniques without ambiguity and corresponding data loss. To close this significant gap in malware-oriented communication, this paper introduces and defines a language for characterizing malware based on its behaviors, artifacts, and attack patterns.
  
  <div class="cArrow"> </div><div class="cContentInner">AbstractMalware represents one of the most prevalent threats to cyber security and is increasingly able to circumvent previously standardized detection, mitigation, and characterization techniques. Although new methods for combating malware have been developed, it is still difficult to communicate and share useful information garnered through these techniques without ambiguity and corresponding data loss. To close this significant gap in malware-oriented communication, this paper introduces and defines a language for characterizing malware based on its behaviors, artifacts, and attack patterns.</div>
  
  ...
  
  Cancel
...

Cancel
higher-level malware attributes (behaviors)
...

Cancel
Integrate MAEC
...

Cancel
Common Attack Pattern Enumeration and Classification
...

Cancel
CAPEC
...

Cancel

Graham Perrin on 16 Jun 10

referred from http://www.diigo.com/bookmark/http%3A%2F%2Fcme.mitre.org%2F?tab=comment&uname=grahamperrin

<div class="cArrow"> </div><div class="cContentInner">referred from <a href="http://www.diigo.com/bookmark/http%3A%2F%2Fcme.mitre.org%2F?tab=comment&uname=grahamperrin " rel="nofollow" target="_blank">http://www.diigo.com/bookmark/http%3A%2F%2Fcme.mitre.org%2F?tab=comment&uname=grahamperrin </a></div>

...

Cancel

CAPEC - Common Attack Pattern Enumeration and Classification (CAPEC) - 0 views

capec.mitre.org

2010 2010-06 2010-06-16 convention (norm)

shared by Graham Perrin on 16 Jun 10 - Cached

Graham Perrin liked it

Common Attack Pattern Enumeration and Classification
...

Cancel
CAPEC
...

Cancel
publicly available
...

Cancel
...6 more annotations...
catalog of attack patterns
...

Cancel
standard mechanism for identifying, collecting, refining, and sharing attack patterns
...

Cancel
initial set of content
...

Cancel
public participation and contributions
...

Cancel
comprehensive schema and classification taxonomy
...

Cancel
May 18, 2010
...

Cancel

Graham Perrin on 16 Jun 10

referred from http://www.diigo.com/bookmark/https%3A%2F%2Fbuildsecurityin.us-cert.gov%2Fswa%2Fmalact.html?tab=comment&uname=grahamperrin

<div class="cArrow"> </div><div class="cContentInner">referred from <a href="http://www.diigo.com/bookmark/https%3A%2F%2Fbuildsecurityin.us-cert.gov%2Fswa%2Fmalact.html?tab=comment&uname=grahamperrin" rel="nofollow" target="_blank">http://www.diigo.com/bookmark/https%3A%2F%2Fbuildsecurityin.us-cert.gov%2Fswa%2Fmalact.html?tab=comment&uname=grahamperrin</a></div>

...

Cancel

MAEC - Malware Attribute Enumerization and Characterization - 0 views

maec.mitre.org

2010 2010-06 2010-06-16 research

shared by Graham Perrin on 16 Jun 10 - Cached

Graham Perrin liked it

MAEC™
...

Cancel
standardized language for encoding and communicating
...

Cancel
free for public use
...

Cancel
...11 more annotations...
International in scope
...

Cancel
attributes such as behaviors, artifacts, and attack patterns
...

Cancel
high-fidelity information
...

Cancel
eliminating the ambiguity and inaccuracy
...

Cancel
improve human-to-human, human-to-tool, tool-to-tool, and tool-to-human communication
...

Cancel
reducing reliance on signatures
...

Cancel
reduce potential duplication of malware analysis efforts
...

Cancel
faster development of countermeasures
...

Cancel
leverage responses to previously observed malware
...

Cancel
Similar Standards
...

Cancel
Malware Attribute Enumeration and Characterization
...

Cancel

Graham Perrin on 16 Jun 10

A standardised language for attribute-based malware characterisation.

<div class="cArrow"> </div><div class="cContentInner">A standardised language for attribute-based malware characterisation.</div>

...

Cancel
Graham Perrin on 16 Jun 10

referred from http://www.diigo.com/bookmark/https%3A%2F%2Fbuildsecurityin.us-cert.gov%2Fswa%2Fmalact.html?tab=comment&uname=grahamperrin

<div class="cArrow"> </div><div class="cContentInner">referred from <a href="http://www.diigo.com/bookmark/https%3A%2F%2Fbuildsecurityin.us-cert.gov%2Fswa%2Fmalact.html?tab=comment&uname=grahamperrin" rel="nofollow" target="_blank">http://www.diigo.com/bookmark/https%3A%2F%2Fbuildsecurityin.us-cert.gov%2Fswa%2Fmalact.html?tab=comment&uname=grahamperrin</a></div>

...

Cancel

ClamAV: TWiki: malware naming - 0 views

wiki.clamav.net/...MalwareNaming

2010 2010-06 2010-06-16

shared by Graham Perrin on 16 Jun 10 - Cached

Graham Perrin on 16 Jun 10

Compare with http://groups.diigo.com/group/sourcefire/content/tag/%22convention%20(norm)%22

<div class="cArrow"> </div><div class="cContentInner">Compare with <a href="http://groups.diigo.com/group/sourcefire/content/tag/%22convention%20(norm)%22" rel="nofollow" target="_blank">http://groups.diigo.com/group/sourcefire/content/tag/%22convention%20(norm)%22</a></div>

...

Cancel

Graham Perrin's status on Tuesday, 15-Jun-10 21:36:54 UTC - Identi.ca - 0 views

identi.ca/36398918

2010 2010-06 2010-06-15 Immunet Protect Clam AntiVirus antivirus software

shared by Graham Perrin on 16 Jun 10 - Cached

Twitter / Graham Perrin: What security software do ... - 0 views

twitter.com/...16256608061

2010 2010-06 2010-06-15 Immunet Protect Clam AntiVirus antivirus software

shared by Graham Perrin on 16 Jun 10 - Cached

Graham Perrin on 16 Jun 10

Automatically cross-posted from http://identi.ca/notice/36398918

<div class="cArrow"> </div><div class="cContentInner">Automatically cross-posted from <a href="http://identi.ca/notice/36398918" rel="nofollow" target="_blank">http://identi.ca/notice/36398918</a></div>

...

Cancel

What security software do you run and why? Help me define Immunet Protect 2.0 - 0 views

community.immunet.com/..._me_define_immunet_protect_2_0

2010 2010-05 2010-06-15 Clam AntiVirus Immunet Protect

shared by Graham Perrin on 16 Jun 10 - Cached

What security software do you run and why?
...

Cancel
define Immunet Protect 2.0
...

Cancel
'side by side' installs with other AV players
...

Cancel
...7 more annotations...
a short URL
- Graham Perrin on 16 Jun 10
  
  http://ur1.ca/07sg2
  
  <div class="cArrow"> </div><div class="cContentInner"><a href="http://ur1.ca/07sg2" rel="nofollow" target="_blank">http://ur1.ca/07sg2</a></div>
  
  ...
  
  Cancel
...

Cancel
phone support on our free and commercial products
...

Cancel
on our 'unsupported list'
...

Cancel
email support
...

Cancel
90% of our time in support (and we spend a lot of time here here going through support emails) is untangling issues with our software being in conflict with other software
...

Cancel
this forum
...

Cancel
what security software do you run and why?
...

Cancel

Graham Perrin on 16 Jun 10

referred from http://identi.ca/notice/36398918

<div class="cArrow"> </div><div class="cContentInner">referred from <a href="http://identi.ca/notice/36398918" rel="nofollow" target="_blank">http://identi.ca/notice/36398918</a></div>

...

Cancel

Immunet in the news (beta) - 0 views

beta.immunet.com/index.html

2010 2010-06 2010-06-16 Immunet Protect beta

shared by Graham Perrin on 16 Jun 10 - Cached

Protect people for free with Immunet (beta) - 0 views

beta.immunet.com/...index.html

2010 2010-06 2010-06-16 Immunet Protect beta

shared by Graham Perrin on 16 Jun 10 - Cached

Comparisons: Immunet Protect Free, Immunet Protect Plus (beta) - 2 views

beta.immunet.com/...index.html

2010 2010-06 2010-06-16 Immunet Protect beta

shared by Graham Perrin on 16 Jun 10 - Cached

Graham Perrin liked it

PLUS gives you all the features of Immunet Protect FREE
- Graham Perrin on 16 Jun 10
  
  I don't like the uppercase for FREE and PLUS. Title case should suffice: * Immunet Protect Free * Immunet Protect Plus.
  
  <div class="cArrow"> </div><div class="cContentInner">I don't like the uppercase for FREE and PLUS. Title case should suffice: * Immunet Protect Free * Immunet Protect Plus.</div>
  
  ...
  
  Cancel
...

Cancel
Feature Comparison
- Graham Perrin on 16 Jun 10
  
  Expect a significant number of users to wish for an extra column: comparing with ClamAV for Windows.
  
  <div class="cArrow"> </div><div class="cContentInner">Expect a significant number of users to wish for an extra column: comparing with ClamAV for Windows. </div>
  
  ...
  
  Cancel
- Graham Perrin on 16 Jun 10
  
  Expect a few users to wish for an extra column: comparing with ClamWin.
  
  <div class="cArrow"> </div><div class="cContentInner">Expect a few users to wish for an extra column: comparing with ClamWin. </div>
  
  ...
  
  Cancel
- Graham Perrin on 16 Jun 10
  
  Suggestion Add a second column: Immunet Protect 1 beta (A neat way of expressing what's new.)
  
  <div class="cArrow"> </div><div class="cContentInner">Suggestion Add a second column: Immunet Protect 1 beta (A neat way of expressing what's new.)</div>
  
  ...
  
  Cancel
...

Cancel

Immunet Protect Plus: system requirements (beta) - 2 views

beta.immunet.com/...index.html

2010 2010-06 2010-06-16 Immunet Protect beta

shared by Graham Perrin on 16 Jun 10 - Cached

Compatible Security Products
- Graham Perrin on 16 Jun 10
  
  Expect the list of products for Immunet Protect Free to be greater than the list for Plus. http://gsfn.us/t/uiko relates.
  
  <div class="cArrow"> </div><div class="cContentInner">Expect the list of products for Immunet Protect Free to be greater than the list for Plus. <a href="http://gsfn.us/t/uiko" rel="nofollow" target="_blank">http://gsfn.us/t/uiko</a> relates. </div>
  
  ...
  
  Cancel
...

Cancel

Graham Perrin on 16 Jun 10

Suggestion Have a separate page for Immunet Protect Free: system requirements

<div class="cArrow"> </div><div class="cContentInner">Suggestion Have a separate page for Immunet Protect Free: system requirements</div>

...

Cancel