Neil MacDonald

A member of the Gartner Blog Network

Entries Tagged as 'Endpoint Protection Platform'


Two Lessons for Information Security from the iPhone and iPad

by Neil MacDonald  |  May 2, 2011  |  3 Comments

Rapid adoption rates, three hundred and fifty thousand apps, but not much malware. What gives? 1) The power of whitelisting. Call it what you may, but having Apple act as the steward of all applications via its App Store is a form of whitelisting (where the list of approved applications [whitelist] is defined by those [...]

Category: Beyond Anti-Virus Endpoint Protection Platform Information Security Microsoft Security Windows 7

Advanced Persistent Threats: Finding the Needle in a Haystack

by Neil MacDonald  |  April 14, 2011  |  4 Comments

Whether or not you agree with the use of the term “Advanced Persistent Threat” (APT), we can agree that there is a very real threat from advanced intrusions which persist undetected in our systems. By definition, these intrusions are advanced so our traditional (and increasingly ineffective) protection mechanisms such as firewalls and antivirus don’t catch [...]

Category: Beyond Anti-Virus Information Security Next-generation Security Infrastructure

Observations from Microsoft’s Management Summit

by Neil MacDonald  |  March 22, 2011  |  Comments Off

I’ve spent the past day and a half attending Microsoft’s Management Summit in Las Vegas. From my perspective the announcement that will affect the most enterprises from a security perspective was a change in licensing related to Forefront. Some history — in 2010, Microsoft reorganized the Server and Tools Business Unit placing the Forefront Endpoint [...]

Category: Cloud Cloud Security Endpoint Protection Platform Microsoft Microsoft Security Next-generation Data Center Virtualization Virtualization Security

Yes, Standard Users can Install Software

by Neil MacDonald  |  March 15, 2011  |  Comments Off

The conventional wisdom is that a user who is configured with “standard user” privileges (the least possible in Windows 7) cannot install software (or malware for that matter). This is incorrect. Software that writes to the user’s data directory, and that doesn’t write to protected portions of the registry, can install correctly as a standard [...]

Category: Endpoint Protection Platform Microsoft Security Windows 7

Lesson from Android: Does More Open Have to Mean Less Secure?

by Neil MacDonald  |  March 11, 2011  |  Comments Off

Google’s Android has made the news a couple of times already in 2011: Here, with a credit card snooping exploit proof of concept and most recently, with malware that had gotten into the Google application store. The latter was particularly serious as it involved a privilege escalation attack that broke out of the Android sandbox. [...]

Category: Application Security Beyond Anti-Virus Endpoint Protection Platform

NAC, DLP and Application Control: It’s About the Visibility, not the Control

by Neil MacDonald  |  March 9, 2011  |  Comments Off

Sitting here in the airport getting ready to fly back home, it occurred to me that all of these hyped technologies have had a critical shift in mindset over the past several years. Each of these technologies was originally touted with their ability to block and control “bad things” from happening. With NAC, this entailed [...]

Category: Beyond Anti-Virus Endpoint Protection Platform Security Intelligence

Muddy Carpets and Endpoint Security

by Neil MacDonald  |  March 4, 2011  |  Comments Off

I’ve had several calls recently where clients are looking to switch their endpoint protection platform vendor from one provider to another because they’ve gotten infected and they believe that switching vendors will provide them better protection. The scenario usually goes something like this: they are using vendor X, got infected, scanned the machine with [...]

Category: Beyond Anti-Virus Endpoint Protection Platform Information Security

Yes, Macs are Vulnerable.

by Neil MacDonald  |  March 3, 2011  |  Comments Off

I’ve talked about this issue in past blogs, but I have an increasing number of clients asking me whether or not antimalware protection is needed on Apple Macintosh computers. More and more, organizations are putting Macs on the list of approved devices so a deeper look into this question is warranted. I’ve provided detailed guidance [...]

Category: Beyond Anti-Virus Endpoint Protection Platform

One Big Take Away From RSA: Intelligence

by Neil MacDonald  |  March 1, 2011  |  1 Comment

As I walked the exhibit hall floor at RSA, I couldn’t help but notice the large numbers of vendors talking about the need for improved detection capabilities and security intelligence that provides actionable insight as to what is going on in our IT infrastructure. Complete protection requires both prevention and detection capabilities. I’ve blogged about [...]

Category: Beyond Anti-Virus Endpoint Protection Platform Security Intelligence

Improving Your 2011 Security Bang for the Buck Continued

by Neil MacDonald  |  January 6, 2011  |  Comments Off

In my previous post, I kicked off 2011 with a recommendation for improving your “security bang for the buck” or quick wins for information security in 2011 – increasing patching breadth and depth. Here are a few more to consider in 2011: In a response to this post on the value (or lack thereof) of antivirus [...]

Category: Beyond Anti-Virus Cloud Security Endpoint Protection Platform Windows 7