It's Time to Rethink your Corporate Malware Strategy

by Nick Grosso
Sept. 1, 2017 0 comments SANS Institute Pen Testing & Audits malicious code

Due to a variety of reasons which will be outlined in this paper, signature-based antivirus scanning is becoming largely ineffective as the main tool against newer varieties of malicious computer code. Scanning performed at the gateway and server level, while still valuable, is proving inadequate as well. It is becoming evident that behavior-based policy enforcement middleware, deployed at the edge of the corporate network (PC workstations), will be required in the near future to handle known and unknown threats. Unfortunately, the big players in this industry currently are not incorporating the required technologies into their product lines, nor does it appear that they will be doing so in the near future. IT managers wanting to utilize these technologies today will have to take a chance on the smaller security software vendors.

https://www.sans.org/reading-room/whitepapers/malicious/its-time-rethink-corporate-malware-strate...