Come see Luca Gibelli of the ClamAV team will be presenting a talk on Security Governance. The talk is part of the 5th annual Net & System Security Convention. The Conference is scheduled for November 27th, at Pisa’s Palazzo dei Congressi. A brief summary of Luca’s talk is below:

Security Governance: A Systematic Approach to Threat Management
Confidentiality, integrity and availability of information should be recognized as a critical business issue rather than the sole domain of IT. (Read more...)

Your last chance to vote for ClamAV as the best anti-malware solution in
the 2008 SC Magazine Readers Trust Awards
Voting ends 02 November 2007

Visit http://www.scmagazine.com/us/awards/categories/26137/best-anti-malware-solution/

In its blog at http://www.avertlabs.com/research/blog/index.php/2007/08/12/what-a-tangled-web
McAfee has been receiving inquiries from its users over the results of the Untangle test.

The “Fight Club” test at LinuxWorld was not only a test of AV products. McAfee has missed a point here: the test also demonstrated that AV tests rarely publish their methodology. A test that lacks open review of the methodology used and that as a result shows any vendor in a positive light can’t be considered objective.

The “Fight Club” test is the only test, that we are aware of, to fully publish its methodology. Vendors that don’t fare well in tests that can be scrutinised are happy to make claims based on tests conducted behind closed doors that lack published methodology and success criteria because those tests cannot be questioned.

While the methodology in this test has been debated, we believe that all tests should be as open to review as the Untangle test was!

With the release of ClamAV 0.91.2 we introduce the option to scan for Potentially Unwanted Applications. The PUA database contains detection for applications that are not malicious by itself but can be used in a malicious or unwanted context.
As an example: A tool to retrieve passwords from a system can be useful as long as the person who uses it, is
authorized to do so. However, the same tool can be used to steal passwords from a system.

To make use of the PUA database you can use the ”—detect-pua” switch for clamscan or enable it in the config file for clamd.

At this point we DON’T recommend using it in production environments, because the detection may be too agressive and lead to false positives. In one of the next releases we will provide additional features for fine-tuning allowing better adjustments to different setups.

On August 17th, Sourcefire, the creators of Snort, acquired the ClamAV project. The full announcement is available here . We’ve also created a short FAQ that we hope will answer any questions you have.