Summary
To summarize this chapter of the book, antivirus bypasses will always be relevant for a variety of reasons, such as the following:
- Code that is not written securely
- A component that does not work properly.
In this chapter, you have gained knowledge and understanding of the importance of securing antivirus software from vulnerability and detection-based bypassed.
In order to protect antivirus engines from bypasses, it is first necessary to perform and test bypass attempts, in order to know exactly where the security vulnerability is located. Once the security vulnerability is found, a fix must be implemented so attackers cannot exploit the vulnerability. Of course, antivirus code must be regularly maintained, because from time to time more vulnerabilities can arise and be found.
These recommendations are based on our research and extensive tests conducted over a number of years that are also based on major...