Create 'tag' in the IDE's that shows what they are trying to detect.
We have 'sav-update' installed on our mail relays so they automatically download the latest detection IDE's.
It would be a good feature to know that the latest IDE is supposed to detect X-trojan, X-virus or X-worm.
We had an example where one of our customers asked if we now detected the Troj/Agent-ARJS Trojan and I had to reply 'I think so' rather than a definite 'yes'. If I could search the IDE's with the Unix 'strings' command looking for say Troj/Agent-ARJS and found a hit then that would be brilliant.
It should be a simple case of just putting a comment field in the IDE so that 'strings' picks it out e.g.
strings gozi-ct.ide |grep -i TRO
Troj/Gozi-CTSECTide
Thanks
Andy
