Furthermore, cyber criminals are now taking the extra step of pre-scanning their malware against all the popular antivirus engines in order to ensure that it can effectively bypass these signature-based methods - affording the malware creator a much higher rate of success once they release it into the wild.ĮDR has been an area of technology that has been around for a few years now, and has typically been touted as something to address the shortcomings of traditional AV and augment its capabilities. The problem is, there are many ways to circumvent this, whether by using Do-it-Yourself malware encryptors, polymorphism, or generally any technique which can obfuscate the code and render it incapable of being matched against the signature database.
This signature is then pushed out to customers in the form of a signature update. Signature-based threat detection essentially works when the vendor creates a signature after a new virus or malware variant is discovered in the wild. These security vendors to a large extent focus on using signature based methods to detect malware and exploits. But in the world of dealing with breaches and exploits, they are the dinosaurs, a dying breed. This is the home of traditional mainstays security vendors. While the industry as a whole has focused on Antivirus (AV) mechanisms and more recently, Endpoint Detection and Response (EDR), Palo Alto is taking an altogether different approach an approach that in my opinion will ultimately leave these legacy approaches in the dust.īefore taking a deep dive into Traps and what makes it so different, let's take a look at the landscape: As someone who has worked in the network and cyber security industries over the last 20 years, I can tell you, it's a revolutionary approach to the problem of dealing with these types of attacks, says Juniper Ambassador Stefan Fouant. For the last few months I've been learning and playing with Palo Alto's Endpoint Protection solution, aptly entitled Traps.
We are in an arms race, and the traditional, legacy ways of dealing with these types of problems just doesn't cut it anymore. Threats continue to evolve, from the first viruses seen in the wild back in 1982, to the modern-day malware of today that's capable of spreading laterally in the blink of an eye. The world of malware and exploits has a long history, and anyone involved in this industry knows that we are at a tipping point.
0 kommentar(er)
