>> > defense in depth / layered defense... would you recommend having a Linux
>> > anti-malware?
>> No. All those only try to recognize known threats. When a threat is
>> known, the security hole it exploits is also known, and the fix for it
>> already exists as well, so updating your distribution to the latest
>> security fixes is a better solution since it doesn't just protect you
>> from those known threats but it also protects you from unknown threats
>> using the same security holes.
> That's not true.
Which part?
> Sophos has ai learning and threat analysis mitigation tactics built in.
In which way does it make my statement false?
And more importantly, are there known cases where it detected an attack
before the corresponding security hole had been found? How common are
those cases, compared to the added risk (and performance and resource
cost) of running that software?
Stefan
