Serious question: does anyone really think Linux antivirals are good or necessary, particularly if they are active-measure kernel things and not just passive scanners?

I have only seen people use them when Windows IT departments suddenly have to pretend to be cloud savvy, or when enterprisey infosec teams are looking for more vendors to bloat up their budgets. If it’s written in contracts, it’s not the customers demanding AV on ephemeral cloud servers, it’s the home team bloating costs so they can cut them later for a raise and applause.

Aaaand whenever it goes that way, antivirals affect performance and stability with random problems, always hurting more than they help.

Nine times out of ten it’s not even for security, it’s for checking some kind of auditing compliance box. We’re perpetuating this nightmare quagmire of shit and no one understands how it works.

Any details on what compliance regime specifically requires it for Linux, though, and whether it differentiates static servers from ephemeral? I’m just curious, since you always hear “compliance” but I’ve never actually seen the requirement coming from anywhere except Windows sysadmins who are out of their element.

Part of the issue is that compliance is so broad and will vary from industry to industry, state to state and country to country. If you’re in defense and work with the government, your requirements will be different versus healthcare or the education sector.

The baseline is NIST guidelines but even that is a huge can of worms. It’s difficult to simply say “yes we’re compliant” especially in large organizations. https://www.cuicktrac.com/nist-compliance/nist-800-171-compl...

A lot of orgs get overwhelmed by this, and so they outsource the effort to a third party.
