@RDiaz While we do work with security partners, I have never heard CLAM mentioned. I apologize for the delay in getting everyone updates on this thread, and expect more information to be available soon --- certainly before we leave beta testing.
Yeah, I agree its not CLAM, I wasnt able to replicate my initial research that pointed in that direction. We have deployed on a couple of test machines. Seems like the product is a decent beta, but not yet ready for Prime Time. We havent been able to get the anti-phishing module to work on any test machines and LMI support hasnt been able to get it working either.
That's good news (pending confirmation). But unfortunately for us, we can't wait for this to be ready. Especially with California's new SIMM 5355 mandate, we would need a more robust solution than just endpoint AV.
I believe I have proof it's bitdefender. I had no "bitdefender.com" traffic before testing LMIAV, now I see some on network logs. So this has to be the AV engine it's using. Or at least the signature list is from there.