Antivirus software is kind of like the lock on a window: it keeps out the most basic sorts of intruders but provides little protection against someone willing to break the glass. The analogy is even more apt because, like window locks, antivirus software has become commoditized. When looking at the results from public tests like AV-Comparatives, it’s clear that for the most part, antivirus platforms block the same attacks. In light of this, it makes little sense to pay for third-party antivirus, especially for Windows systems where this functionality is free and embedded.
Microsoft has pledged to make a $1 billion investment every year into cybersecurity. A big part of this investment involves strengthening Windows 10 native security controls and embedding those into the Windows 10 operating system free of charge.
Although this won’t necessarily protect against attackers willing to “break the glass,” which in cybersecurity terms means launching an evasive or zero-day attack, no security stack would be complete without antivirus software. That said, neither is a stack complete if companies only have antivirus deployed on their endpoints.
With the release of Morphisec Guard 5.0, companies can take the pressure off antivirus by emphasizing offense instead of defense. Our solution protects against known and unknown threats alike by turning the target of most cyberattacks – the application memory – into a moving target.
Antivirus platforms are very good at stopping known, file-based malware. If a file is saved to disk, then it gets scanned; if there’s a known signature then it’s blocked. Despite how well antivirus works, breach damage remains at an all-time high. The question here is why? The answer is that adversary techniques have evolved and become fileless, targeting application memory and evading antivirus scanning processes.
Morphisec Guard 5.0 turns the existing detection-centric paradigm on its head by creating a zero-trust runtime environment within application memory. With the creation of this zero-trust application runtime protocol, Morphisec Guard can short-circuit a variety of attacks by making it impossible for attackers to leverage application resources.
At the same time, Guard leaves behind a skeleton version of the application that lures the attack into a secure environment to neutralize and analyze it. By simultaneously outrunning and outsmarting the attack, Morphisec Guard 5.0 effectively prevents any ill effects, minimizing the need for collecting and storing endpoint telemetry data for later analysis.
Crucial to our solution is exactly what even next-generation antivirus lacks: deterministic defenses or the ability to distinguish truly unknown attacks not logged in a signature database or used as part of training data for an algorithm. Any process taking evasive actions can only be malicious. Focusing on the final target, not the initial entry point, allows Morphisec Guard 5.0 to expose zero-day attacks and defuse threats it has never seen before. The defender has the advantage.
New in Morphisec Guard 5.0
Morphisec Guard 5.0, our latest release, is designed to prevent the breaches that bypass antivirus and EDR tools while making sure that you don’t have to pay for security features that the operating system already has covered. Morphisec Guard leverages the best-in-class antivirus embedded in all Windows 10 machines and adds centralized dashboard visibility and control as well as advanced protection capabilities to protect against evasive threats.
Specific major upgrades include:
- Expanded visibility and control to better meet the needs of enterprises in an era of increasing cyberattacks and worsening consequences. Morphisec Guard gives visibility into the status of Windows 10 standard security features, such as Windows Personal Firewall, Microsoft Defender Antivirus, BitLocker for drive encryption, and Device Control to understand and maintain security posture across all endpoints.
- Enhanced forensic information for threat analysis — Morphisec Guard integrates threats blocked by Morphisec and threats blocked by Microsoft Defender Antivirus into a single dashboard for richer threat intel. Morphisec Guard also provides detailed and visualized attack information if needed across all threats, with threat data able to be downloaded into executive reports.
- Tight configuration of Windows-native security tools, such as Windows Personal Firewall and Device Control. Morphisec Guard empowers users with granular, yet simple, controls over both Personal Firewall and Device Control and ensures they remain in place with additional anti-tampering capabilities.
With Morphisec Guard 5.0 on the front lines, rounding out a robust cybersecurity strategy is simply a matter of leveraging the free, OS-native tools most users already have. Consequently, our solution vastly upgrades security while lowering costs and simplifying threat management. In that way, it’s the perfect replacement for underwhelming antivirus and the ideal centerpiece of a sustainable cybersecurity strategy.
More to the point, Morphisec Guard requires no services to deploy it throughout any organization, no maintenance, no separate updates to a signature database or algorithm, and no remediation. Our deterministic, prevention-first zero-trust security approach means that Morphisec Guard prevents what other solutions cannot.
We’ve also included:
- Automatic protection of network drives and folders
- Improved security for remotely launched processes
- Protections against emerging and advanced vulnerabilities like ZeroLogon
- Additional forensic information included in threat logs
Expecting More from Cybersecurity
For too long, security teams have accepted that antivirus was imperfect and that detection and response will be all-consuming efforts. But the results speak for themselves: cyber attacks have become an existential threat to every business in the world while cybersecurity costs skyrocket. It’s time to acknowledge a failed approach for what it is and look for something radically different.
Morphisec Guard 5.0 represents a new way of thinking about cybersecurity, one that refuses to wave the white flag to hackers or pour endless amounts of resources into ineffective defenses. Are you ready to expect more and achieve better? Morphisec is too.
*** This is a Security Bloggers Network syndicated blog from Morphisec Moving Target Defense Blog authored by Netta Schmeidler. Read the original post at: https://blog.morphisec.com/cybersecurity-beyond-antivirus-morphisec-guard-5.0