Entries Categorized as 'Endpoint Protection Platform'
by Neil MacDonald | March 11, 2011 | Comments Off
Google’s Android has made the news a couple of times already in 2011: Here, with a credit card snooping exploit proof of concept and most recently, with malware that had gotten into the Google application store. The latter was particularly serious as it involved a privilege escalation attack that broke out of the Android sandbox. [...]
Category: Application Security, Beyond Anti-Virus, Endpoint Protection Platform | Tags: Apple, Application Security, application security testing tools, Best Practices, Beyond Anti-Virus, Endpoint Protection Platform, Whitelisting
by Neil MacDonald | March 9, 2011 | Comments Off
Sitting here in the airport getting ready to fly back home, it occurred to me that all of these hyped technologies have had a critical shift in mindset over the past several years. Each of these technologies was originally touted with their ability to block and control “bad things” from happening. With NAC, this entailed [...]
Category: Beyond Anti-Virus, Endpoint Protection Platform, Security Intelligence | Tags: Beyond Anti-Virus, Endpoint Protection Platform, Information Security, Next-generation Security Infrastructure, Whitelisting
by Neil MacDonald | March 4, 2011 | Comments Off
I’ve had several calls recently where clients are looking to switch their endpoint protection platform vendor from one provider to another because they’ve gotten infected and they believe that switching vendors will provide them better protection. The scenario usually goes something like this: they are using vendor X, got infected, scanned the machine with [...]
Category: Beyond Anti-Virus, Endpoint Protection Platform, Information Security | Tags: Best Practices, Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Information Security
by Neil MacDonald | March 3, 2011 | Comments Off
I’ve talked about this issue in past blogs, but I have an increasing number of clients asking me whether or not antimalware protection is needed on Apple Macintosh computers. More and more, organizations are putting Macs on the list of approved devices so a deeper look into this question is warranted. I’ve provided detailed guidance [...]
Category: Beyond Anti-Virus, Endpoint Protection Platform | Tags: Apple, Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform
by Neil MacDonald | March 1, 2011 | 1 Comment
As I walked the exhibit hall floor at RSA, I couldn’t help but notice the large numbers of vendors talking about the need for improved detection capabilities and security intelligence that provides actionable insight as to what is going on in our IT infrastructure. Complete protection requires both prevention and detection capabilities. I’ve blogged about [...]
Category: Beyond Anti-Virus, Endpoint Protection Platform, Security Intelligence | Tags: Adaptive Security Infrastucture, Defense-in-Depth, Endpoint Protection Platform, Next-generation Security Infrastructure, Reducing Cost
by Neil MacDonald | January 6, 2011 | Comments Off
In my previous post, I kicked off 2011 with a recommendation for improving your “security bang for the buck” or quick wins for information security in 2011 – increasing patching breadth and depth. Here’s a few more to consider in 2011: In a response to this post on the value (or lack thereof) of antivirus [...]
Category: Beyond Anti-Virus, Cloud Security, Endpoint Protection Platform, Windows 7 | Tags: Best Practices, Beyond Anti-Virus, Cloud Security, Endpoint Protection Platform, Information Security, Lockdown, Reducing Cost, Security No-Brainer, Windows
by Neil MacDonald | January 4, 2011 | Comments Off
I am back from the holidays and was responding to some comments on my previous blog post on antivirus technologies and the shift to endpoint protection platforms where one of the readers had recommended disabling autorun on removable media for a quick win for information security. There are several things in information security that we [...]
Category: Application Security, Beyond Anti-Virus, Endpoint Protection Platform, Information Security | Tags: Apple, Best Practices, Defense-in-Depth, Endpoint Protection Platform, Information Security, Security No-Brainer, Windows
by Neil MacDonald | December 23, 2010 | 5 Comments
Signature-based antimalware detection is increasingly ineffective against an explosion in the number of malware variants as well as an increase in the number of financially motivated targeted attacks. Does this mean we get rid of antivirus technology altogether? Not at all. What it means is that we can no longer protect endpoints using signature-based mechanisms [...]
Category: Beyond Anti-Virus, Endpoint Protection Platform, Next-generation Security Infrastructure, Virtualization, Windows 7 | Tags: Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Next-generation Security Infrastructure, Reducing Cost, Virtualization Security, Windows
by Neil MacDonald | November 8, 2010 | 2 Comments
In this research note on deploying Windows 7 security features for clients, I explore in detail the security capabilities baked into Windows 7 – AppLocker, BitLocker, BitLocker To Go, the Windows Firewall, USB Port Control and so on. One question I get from clients is whether or not to use the built-in capabilities of Windows [...]
Category: Endpoint Protection Platform, Virtualization, Virtualization Security, Windows 7 | Tags: Endpoint Protection Platform, Microsoft Security, Next-generation Security Infrastructure, Virtualization Security, VMware, vSphere
by Neil MacDonald | November 5, 2010 | Comments Off
Is IDS dead? Not at all. I previously blogged that complete protection will require a combination of prevention and detection. Protection = Prevention + Detection We cannot and will not be 100% successful in preventing all attacks. Many organizations continue to spend an ever-increasing amount of the IT budget in a futile attempt to prevent [...]
Category: Beyond Anti-Virus, Endpoint Protection Platform, Information Security, Next-generation Security Infrastructure | Tags: Adaptive Security Infrastucture, Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Information Security, Next-generation Security Infrastructure