Anti-virus simply isn’t effective anymore at providing desktop security. We have posted on this topic quite a bit recently, but it seems to have an endless supply of new information and postings that support the growing trend away from reactive, signature dependent anti-virus.
Consider the recent post from long-time industry expert, Robin Bloor, titled The Beginning of the End For AntiVirus. Robin has been a long time advocate of moving away from a clearly broken anti-virus technology and moving toward a more proactive solution that can solve the problem of zero day threats and root kits. He had this to say about the growth of whitelisting and the fall of AV in his article: Continue reading this post…
This week we published a research report conducted on our behalf by Dimensional Research titled “Anti-Virus and Anti-Malware: A survey of IT Professionals.” The results are illuminating. It is clear that dissatisfaction with existing desktop security is at an all time high, but that people feel locked into a solution without alternatives.
Last week, I highlighted Gartner Group Analyst, John Pescatore’s call to start over again on desktop security and it appears that the over 200 IT professionals that we surveyed agreed. 52% of the respondents to our survey indicated that they were considering discontinuing blacklist anti-virus all together. Given their lack of faith in its effectiveness and their concern over the performance impact of an increasingly bloated application, it should be no surprise.
We will be talking about these and many other trends in a webinar next week presenting the details of the survey. I hope that you are able to join us and begin participating in the discussion of how to start over on desktop security.
Last week Microsoft issued an advisory on a new vulnerability with the IIS FTP service. This vulnerability already has a published exploit and can result in allowing the attacker to execute unauthorized code on the target. Details of the vulnerability are available at the US-CERT website. If you have an anonymous account on your ftp server then you are especially at risk because no theft of credentials would be needed to execute this exploit.
To me the key to this issue is that a fix won’t be included in today’s Microsoft security patch release. There simply wasn’t enough time to identify, code and test the patch before it was released. Microsoft complained that the security researcher didn’t report the vulnerability responsibly. While this may be true, it certainly highlights the weakness of a desktop security plan that relies on patching and antivirus signatures. Continue reading this post…
I came across this post from John Pescatore today on his Gartner blog titled, “Twelve Word Tuesday: I’d Start Over Again on Desktop Security”, and I couldn’t agree more. The evidence of the failure of blacklisting anti-virus can be found everywhere.
John, makes a reference to the Government’s Cash for Clunkers program and I think the analogy is an appropriate one. There are many desktop security companies that are heavily invested in the way things are today. Their recurring revenue model is based on subscriptions to a bloated blacklist. Their security solutions work on a find and clean model and not a preventative model. The likelihood that they will “start over” on security is slim to none and more likely they will keep trying to add a fresh coat of paint, change the tires and oil and patch things together with new additions. The problem is the engine is broken and won’t last much longer. Continue reading this post…
Last week I blogged about the general momentum around application whitelisting citing our meetings with Neil MacDonald from Gartner and a recent post from George Kurtz of McAfee.
This week, I want to speak more specifically about using application whitelisting to both meet the letter and the spirit of NERC CIP-007 compliance requirements. This is an area where application whitelisting is gaining significant momentum as a supplement or alternative to traditional blacklist antivirus. There are many reasons why the energy industry is ahead of the general curve in adopting whitelisting technologies. Continue reading this post…