-
None, because they typicially open up a larger attack surface than the system would have without them. It's been like that for a while now. For references, I'd recommend this article from Ars Technica, who reference some very knowledgeable people (including Chrome's Security Chief at the time).
There was a time when AV software was useful. We're a decade past that, the world has changed, software has changed, defenses have changed, and AV software did not keep up.
-
Windows defender on Windows PC's. Nothing on Linux.
-
None. I won't install something that checks the whole system, but maybe a tool something that checks installed packages or container images against some known cve database and alerts me if it has findings.
-
On my debian server, I have trivy to scan containers and I use clamav to scan files now and again but clamav uses up a lot of ram and its not a mailserver so I'm planning on uninstalling it.
On desktops I use virus total to scan PDFs or small files and stick to foss software
-
What would you run an antivirus for? I trust the software I out on my servers, if I didn't I wouldn't be installing it or at the very least would put it in a VM.
I have real security boundaries in place, no need for useless scareware.
-
Clamav against any new downloaded files. That's about it
-
I have my server behind NAT and I use Tailscale to access it from elsewhere.
-
Microsoft is "generally competent," according to O'Callahan
Sorry had to DQ the article cause of that /s
