mikestorrent 5 hours ago

Is there a tool out there that you can put software releases into and it will tell you how safe it is? I don't seem to be able to buy anything to do this. CrowdStrike and other modern antivirus may react to it once it's on a device, SAST / SCA tooling will help with CVEs, but there's nothing I can give my users where they can put in some piece of random software and get a reputation metric out the other side, is there?

vladvasiliu 4 hours ago

> put in some piece of random software and get a reputation metric out the other side

Well, the enterprise version of MS Defender will not only react to it if it does something "weird", but will specifically look at its "reputation" before it runs at all.

However, as another commenter pointed out, this generates a ton of false positives. Basically everything that's "brand new" is liable to trigger it. Think your freshly compiled hellow_world.exe. So, all in all, people may no longer pay attention to it and just click through all warnings.

tranceylc 34 minutes ago

Worked on a Minecraft clone on Steam that would falsely get flagged by Defender as a “bitcoin miner” for YEARS.

__natty__ 4 hours ago

Not exactly for software (although there is such a section), but I use the end of life [0] website. Besides the time when certain software will be outdated, it also tells you its release time.

[0] https://endoflife.date/

Foobar8568 5 hours ago

Besides VirusTotal, I am unsure: https://www.virustotal.com/

mikestorrent 4 hours ago

Thanks, that's helpful

seanw444 4 hours ago

You could put it into an LLM, since that's what we do for everything else nowadays.