Legacy prevention and detect-and-respond technologies have had their merits during the evolution of malware. However, today’s malware threats are far more advanced and prolific than ever before, and such techniques are no longer sufficient to protect your systems and network.
Relying solely on post-execution detection is a risky proposition for your enterprise.
“Today, the reactive approach is the anti-malware industry’s greatest weakness. The model of reacting to what has already been seen, experienced, or known is limiting,” said Chad Skipper, VP of Industry Relations & Product Testing.
“A pre-execution prevention strategy is the first step in building an effective security portfolio.”
The basic requirement of any anti-malware solution: If a file is bad, block it. Although this principle is simple enough, the solution has been elusive. Until now. With the evolution of artificial intelligence (AI) and machine learning (ML) based pre-execution prevention, a very efficient anti-malware solution is now a reality.
For far too long, we’ve been conditioned to believe that our defense against malware will be adequate, as long as we keep our anti-malware software continuously updated to detect known threats.
When that approach increasingly began to fail, we were then conditioned to believe that a breach is inevitable, so we must add complex layers of defense to respond. This approach is inherently reactive.
The recently released book Next-Generation Anti-Malware Testing for Dummies suggests evaluating solutions based on the following:
- Addressing the Attack Vectors: First and foremost, an anti-malware solution must address all attack vectors.
- Effectiveness: Can your anti-malware solution provide a predictive advantage whereby it can prevent tomorrow’s malware yesterday? Effectiveness is a single source of truth.
- Performance: Look for solutions that have a minimal impact on CPU and memory utilization, particularly on specialized systems.
- Ease of Use: Anti-malware products shouldn’t require your end users to be
This is a Security Bloggers Network syndicated blog post authored by The Cylance Team. Read the original post at: Cylance Blog