Defending Your Corporate Endpoints How to Go Beyond Anti-Virus


Published on

Businesses large and small continue to struggle with malware. Traditional approaches to malware protection, like standalone anti-virus, are proving themselves unfit for the task. Kevin Beaver, Independent Information Security Expert dives into:
• How to get a better grasp of the weaknesses in endpoint security
• Examining whether or not anti-virus is effective
• A comparison between a proactive versus reactive approach to fighting the malware fight.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Defending Your Corporate Endpoints How to Go Beyond Anti-Virus

  1. 1. Defending Your Corporate Endpoints: How to Go Beyond Anti-VirusPresented by Kevin Beaver, CISSPIndependent Information Security Consultant,Speaker, Author, & Expert WitnessPrinciple Logic, Copyright © 2013, Principle Logic, LLC - All Rights Reserved.
  2. 2. About Kevin•Independent consultant » 24 years experience in IT – 18 years in information security » Focus on performing security assessments•Expert witness » Data breaches, security best practices/due diligence, compliance and intellectual property cases•Professional Speaker•Author• Creator/author of Security On Wheels audiobooks & blog (
  3. 3. About Chris•Security Expert » 30 years of engineering and marketing experience, currently specializing in: » Data Protection » Whitelisting » Endpoint Security•At Lumension » Director of Solution Marketing•Blogger » 3 Copyright © 2008, Principle Logic, LLC, All Rights Reserved.
  4. 4. The Current State of Malware
  5. 5. What This Applies To
  6. 6. Istraditional anti-virus useless?
  7. 7. What are the most commonweaknesses?
  8. 8. Why is it we cannotachieve what’s trulyneeded?
  9. 9. Is it the complexityof the threat or the complexity of our own systems?
  10. 10. What This Applies To
  11. 11. Gaining Control Know what Know how Technical you’ve got it’s at risk People/Process Implement policies/plans Regulatory Enforce Automation Refine and with repeat technology
  12. 12. How You Can Learn More•Kevin’s website:•Kevin’s blog:•Kevin’s audio programs:•Kevin’s books: @kevinbeaver PrincipleLogic
  13. 13. Defense-in-Depth Strategy Successful risk mitigation AV starts with a solid vulnerability Control the Bad management foundation, augmented by additional Device Control Control the Flow layered defenses which go beyond the traditional blacklist HD and Media Encryption approach. Control the Data Application Control Control the Gray Patch and Configuration Management Control the Vulnerability Landscape17
  14. 14. More Information• Free Security Scanner Tools • Get a Quote (and more) » Vulnerability Scanner – discover all OS and application vulnerabilities on your network management-security-suite/buy-now.aspx#2 » Application Scanner – discover all the apps being used in your network » Device Scanner – discover all the devices being used in your network Security-Tools.aspx• Lumension® Endpoint Management and Security Suite » Online Demo Video: Center/Vulnerability-Management.aspx » Free Trial (virtual or download): management-security-suite/free-trial.aspx18