The document discusses 5 reasons why "math-based" next-generation antivirus products that rely solely on prevention and predictive analysis are insufficient for comprehensive endpoint protection. First, they only address 50-60% of malware and cannot prevent non-file based attacks. Second, malware behavior is difficult to truly predict. Third, with millions of new variants weekly, a 99.9% detection rate is not adequate. Fourth, these products require significant time and resources to train their AI models. Fifth, their management is strictly cloud-based without an on-premise option. A better approach combines prevention, detection, and automated response across all attack vectors on the endpoint.
Five Reasons to Look Beyond Math-based Next-Gen Antivirus
1. 5 Reasons to Look Beyond
‘Math-based’ Next-Gen Antivirus
2. Introduction
In this SlideShare we will discuss why the industry’s
most hyped math-based prevention product,
developed with ‘predictive mathematics’, ‘machine
learning’ and ‘artificial intelligence’ is an approach
that will not come close to solving your overall
endpoint protection challenges.
Here are 5 reasons why:
3. Against today’s threats, prevention
is only part of the battle.
Prevention-only products may solve the problem…
if organizations only had to defend against Portable
Executable and DLL-based malware.
4. PE and DLL-based attacks ONLY represent 50% to 60% of new malware
observed each week.
No single security technology is 100% effective, so even the malware that
these products should be able to handle will occasionally slip by.
Prevention-only products will be completely ineffective against threats that
use multiple vectors, especially when they don’t even use files, such as:
• Memory-based malware
• Exploits
• Script-based attacks from the inside
5. Some things simply can’t be
predicted
The premise of ‘math-based’ static prevention, that the true
nature of a file (benign or malicious) can be predicted through
statistical analysis of predefined attributes, is FAULTY.
6. This is an application of the same
kind of mathematics used across
the financial world to predict stock
market performance. How well
does that actually work?
Much like the stock markets,
malware is driven by human
behavior which makes it nearly
impossible to predict what new
tactics and techniques attackers
will develop next.
7. Attackers will still win when
protection is a numbers game
With statistics, perspective is critical. That’s why a 99.9%
prevention rate just isn’t going to cut it.
8. It’s time to change your perspective. If you are being threatened by 100
variants of malware then 99.9% prevention sounds pretty good, but what if
there are literally millions?
One new zero-day attack is discovered almost every week, and there are
almost 1 million new malware variants released EACH week.
Just ONE of these attacks could cause tremendous financial and
reputational damage to an organization.
Still feeling great about that 99.9%? Didn’t think so.
9. YOU have to teach the A.I.
(and that takes time)
‘Math-based’ next-gen AV products fall short, requiring
more time, money and resources to get the A.I. and
Machine Learning ramped up.
10. On initial deployment, there’s substantial overhead where security and IT
teams need to spend time telling the system what’s safe (versus what’s
not), as the product doesn’t use definition files.
It’s up to the admin to investigate files based on MD5 hashes and threat
intelligence reports, too.
Depending on the environment and the number of IT resources dedicated
to the security project, this process could be extremely time-consuming.
Where time and resources are spent on any project, ROI and the amount of
money invested should always be a consideration.
11. Cloud-based management is
the only deployment option
If your organization adheres to stringent data privacy policies
that require it to own its own data, then the industry’s most
hyped math-based next-generation AV isn’t an option for you.
It is strictly cloud-based, with no option to deploy as an on-
premise management server.
12. What Next?
Don’t buy into the hype. Today’s threat landscape is far too diverse
and sophisticated to rely solely on preventing file-based malware -
or on security solutions driven only by predictive analysis.
The best approach to Next-Generation Endpoint Protection
addresses all phases of the threat lifecycle. It combines advanced
prevention, behavior-based detection and automated response
capabilities that can be executed autonomously - on the endpoint
itself - for best-in-class protection across all major vectors of attack.
13. Thank You!
To learn more, check out our On-Demand webinar,
Beyond Files: The Full Spectrum of Attacks.