EDR vs. Traditional AV
Birds on a Cable is officially moving to only providing EDR software for our clients, rather than offering traditional antivirus software. What does that mean for you, and what’s the difference?
What is an antivirus?
Traditional antivirus software works by scanning every file on your system and looking for specific fingerprints that it already knows about. These could be things such as a file hash (a unique number generated by doing math on the entire file in such a way any minor change radically changes the number) or looking for specific text in the program code itself. The AV scanner doesn’t know what those things do, only that they match a list it’s been provided of known bad things. If you’ve ever had a false positive, that’s why.