6. 1971
Creeper virus, running on a mainframe computer
1981
Elk Cloner, infected the Apple II
Antivirus Software
Application / computer program used to prevent, detect, and remove malware
1986
Brain, widespread on IBM PCs
7. Legacy Antivirus
Legacy / Pioneer / Traditional
1987
G DATA -- McAfee -- ESET (NOD32)
1988
Avira -- Avast -- AhnLab -- ThunderByte -- Dr. Solomon
1989
F-Prot -- Symantec -- Sophos -- Kaspersky
1990
Panda -- Trend Micro
1991
Norton -- VirIT Explorer -- F Secure
1992
Dr.Web -- AVG
1996
Bitdefender
1998
Norman
2001
ClamAV
8. The issues
Internet Malware (spyware)
Fake Antivirus
Potentially Unwanted Program
Crack / Keygen
Host / System Injection
14. Next-Gen AV
0-Day Exploit
Blocking exploits against applications
Cloud Sandboxing
Live submission & analysis
Anti-Ransomware
Ransomware Protection
Fileless Attack
Examines attachments or links
Started 2013
2013
Crowdstrike, Blackberry Cylance, VMware Carbon Black, SentinelOne
2014
Mandiant (Fireeye), Cybereason
15. Next-Gen
Submitted files are hashed & encrypted during processing
Deleted automatically after analysis, or after 30 days
Executables, archives & scripts are the recommended file types
Custom document file submission
Custom size of file submission
Analysis process takes 2 - 5 minutes
16. EDR
EDR is a tool for detecting and responding to
cyber threats on the endpoint
Endpoint Detection & Response
Started 2013
Searching and examining information
Identifying suspicious actions
Data exploration
Company needs resources for:
1. EDR machine
2. IT security staff for EDR
18. MDR
MDR is a service provided by a vendor to
detect and respond to cyber threats on
the endpoint
Managed Detection & Response
Started 2017
XDR
eXtended Detection & Response
Started 2018
XDR is a service provided by a vendor to
detect and respond to cyber threats across
the entire network
19. Summary Endpoint Protection
Endpoint only: 97%
Endpoint with Next-Gen: 98%
Endpoint with Next-Gen + EDR: 99%
Nothing is 100% secure