Advocates whitelists and other tools that 'genuinely help' security
17 Nov 2016 at 01:55, Darren Pauli Kiwicon Google senior security engineer Darren Bilby has asked fellow hackers to expend less effort on tools like antivirus and intrusion detection to instead research more meaningful defences such as whitelisting applications.
The incident responder from Google's Sydney office, who is charged with researching very advanced attacks including the 2009 Operation Aurora campaign, decried many existing tools as ineffective "magic" that engineers are forced to install for the sake of compliance but at the expense of real security.
"Please no more magic," he told the Kiwicon hacking conference in Wellington, New Zealand today.
"We need to stop investing in those things we have shown do not work."
Full Article