Antivirus tools are a useless box-ticking exercise says Google security chap

  • 17 November 2016
  • 1 reply
  • 203 views

Userlevel 7
Badge +54

Advocates whitelists and other tools that 'genuinely help' security

 
17 Nov 2016 at 01:55, Darren Pauli Kiwicon Google senior security engineer Darren Bilby has asked fellow hackers to expend less effort on tools like antivirus and intrusion detection to instead research more meaningful defences such as whitelisting applications.
 
The incident responder from Google's Sydney office, who is charged with researching very advanced attacks including the 2009 Operation Aurora campaign, decried many existing tools as ineffective "magic" that engineers are forced to install for the sake of compliance but at the expense of real security.
 
"Please no more magic," he told the Kiwicon hacking conference in Wellington, New Zealand today.
 
"We need to stop investing in those things we have shown do not work."
 
Full Article

1 reply

Userlevel 7
There is definitively some merit in the use of whitelisting and in a way I wish that WSA had a local whitelisting capability.

Reply