We are having a great week where we are seeing more evidence than ever for the value of application whitelisting in providing both endpoint protection and application control. Earlier this week we met with Gartner analyst Neil MacDonald and got his perspective on the future of application whitelisting. He had many good insights about the state of the industry and we particularly agreed with his perspective on the importance of “trusted change” to the success of any application whitelisting solution. Continue reading this post…
Application Whitelisting Gaining Momentum for Endpoint Protection
Time For an Update of PCI Antivirus Requirements: Take a lesson from NERC CIP
PCI requirements have come under scrutiny lately. A number of high profile security incidents resulting in the exposure of hundreds of thousands of credit cards have, fairly or unfairly, brought attention to the companies who suffered these attacks and yet were PCI compliant at the time. The highest profile incident was that of Network Solutions where over a half a million credit cards were compromised.
The culprit? Unauthorized code on their servers resulted in the exposure of the credit card data. Despite the protections employed to protect the card data on servers, they were done in by simple malware on a system in their infrastructure.
Conficker – A botnet on autopilot
I came across a good article today from internetnews.com detailing the latest stats for the Conficker botnet. Over 5.5 million PCs are actively infected and a part of this botnet according to the Conficker Working Group. Clearly Conficker continues to be a threat despite approaching its first year anniversary this October. Continue reading this post…
Evidence Abounds of the Failure of Blacklist Antivirus
The most recent piece of evidence comes courtesy of the 2009 Black Hat conference going on right now in Las Vegas. MX Logic reports from this year’s conference that a new trojan called “Clampi” is being used for highly sophisticated identity theft. The researcher cited from SecureWorks claims that hundreds of thousands of PCs have already been infected. Continue reading this post…
Collaboration with SignaCert: One Potential Avenue In The Purification Process
Earlier this week, Toney Jennings wrote about step two in the rational transition to application whitelisting: the purification stage. Today we announced another step in that stage: a collaboration with SignaCert, the provider of the largest known-provenance whitelist repository in the world, SignaCert’s Global Trust Repository (GTR). Continue reading this post…