Can anti-virus technology morph into breach detection systems?

  • 12 March 2014
  • 1 reply
  • 291 views

Such breach detection systems would need a centralized management reporting system and cloud-based analysis of gathered threat data.
 
Anti-virus software is still often considered a "checkbox" item for enterprise deployments, especially on Microsoft Windows, but over the decades, anti-virus software changed to do far more than just signature-based virus blocking. Today, the question is whether the type of anti-malware product that evolved from virus checking can transform again to be a part of a "breach detection system," or BDS.

"The premise of breach detection is things will get through all your defenses and you need to contain it as soon as possible," says Randy Abrams, research director at NSS Labs, which has begun testing what it calls BDS products that can identify evidence of stealthy cyberattacks, track down what corporate computers and networks were hit and quickly mitigate against any malware dropped in that attack which would be used to spy and exfiltrate sensitive data. BDS products, however they do it -- through sandboxing, an endpoint agent or other approach -- should be able to at least catch the breach within 48 hours, he says.
 
Full Article

1 reply

Thanks Jeff a good one for @ maybe he can give us Webroot's position on this type of breach!
 
Daniel 😉
