Skip to content

/ brave-browser

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automate anti-virus false-positive testing #3889

Open
tomlowenthal opened this issue Mar 26, 2019 · 0 comments
Open

Automate anti-virus false-positive testing #3889

tomlowenthal opened this issue Mar 26, 2019 · 0 comments
Labels
Epic build priority/P4 sec-low security third-party/anti-virus

Comments

@tomlowenthal
Copy link
Member

@tomlowenthal tomlowenthal commented Mar 26, 2019

Various anti-virus and anti-malware tools identify Brave or bundled components as false-positives for malware from time to time. Playing catchup with these alerts can be time-consuming and inconsistent, especially given the opacity and intrigue around AV vendors' methods.

We should get ahead of this by automating testing against popular AV vendors' services. VirusTotal (brave/devops#656) only gets us part way there: VirusTotal compares signatures, and we're more likely to trip a heuristic scanner. Integrating AV tests into our build & test process will let us find out about false-positives in the commit that causes them, and prevent issues before Brave ever hits people's machines.
@tomlowenthal tomlowenthal added the Epic label Aug 6, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Epic build priority/P4 sec-low security third-party/anti-virus
Projects
None yet
Milestone
No milestone
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant
@tomlowenthal
You can’t perform that action at this time.