Seems it is just a period where added security layers on top of existing AV solutions become very popular,
like the hand on the cradle to lull the user into a dream of added security..
A pity for earlier developers because they developed their creations before the time that it became a hype.
Let us not look at these solutions as a panacea (cure for all ills)...
Still waiting to see a nice, easy and readily configurable Windows IDS, like Linux Suricata and Snort.
And something that really works and alerts for alleged bot activity, open resolvers, DNS anomalies, ARP cache monitoring,
and not a tool that silently sits in the background and cannot even "be suspected of any realtime activity",
it produces a log; I now aim at a tool like RUBotted.
(Has someone really ever confirmed that it is actually doing something?)
polonus