DEEPGUARD ALLOWS MALWARE
Wondering why deepguard does not block malware that has not been seen. F-Secure states that if a binary has 0 reputation and is completely new... that deepguard will block it from running.
Now, we have seen this in many occurances. But there seems to be a lack in the consistancy of DEEPGUARD keeping up to the task. Are there any answers as to to why this happens from the F-Secure team? I believe we are not the one with this observation.
F-Secure quotes this here: https://www.youtube.com/watch?v=mu7wbJq9Ulo