Is AV Dead
Or Just Missing in Action?
Rajesh Nikam
Quick Heal Technologies Ltd.
December, 2016
Agenda
1. Traditional AV vs Next-Gen Security Products
2. Busting Security Myths
3. VirusTotal & Next-Gen AVs
4. Comparison of Next-Gen Security Products
5. Conclusion
Is AV Dead?
Traditional AV vs Next-Gen Security Products
Traditional AV
• Signature based, blacklisting & reactive approach
• Latency between samples being reported, their analysis, and release of the signature that detects them
• Complex samples using detection-evasion mechanisms
• Ineffective against exploits targeting vulnerabilities in
  • Adobe and Microsoft Office file formats
  • Operating systems, web browsers
  • Java and other applications
• Fileless malware attacks
The threat landscape and computer security are ever evolving.
Next-Gen Security Products
A big change in the approach to how threats are detected:
• Endpoints act as sensors
• No longer dependent on a signature-based approach
• Threat intelligence – indicators of compromise, context aware
• Ideally no latency in getting protection to all users
• Products at the perimeter of the enterprise
  • scanning web traffic and email messages
Traditional AV vs Next-Gen Security Products
Busting Security Myths
The five myths examined in this section:
• Machine Learning solves all problems
• Malware behavior does not change
• Sandbox is a cure for all Advanced Threats
• Traditional AV is just signature based
• (Next-Gen) Threat Intelligence
Myth#1 Machine Learning solves all problems
• Builds models from training sets and anomalies
• Effectiveness depends on accurate feature engineering
  • needs strong domain expertise
• Needs tuning of models for changing threats
  • challenge in scaling the model to a large number of samples
• False positives vs false negatives
• Efficacy against advanced threats
  • specific, targeted and unknown samples
• Garbage In, Garbage Out (GIGO)
• Best Next-Gen AVs with machine learning engines
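The false-positive/false-negative trade-off and the need to re-tune for changing threats are easier to see with numbers. The following is an added example, not code from the slides or from Quick Heal: it takes a constructed set of classifier scores with ground-truth labels, finds the lowest threshold that keeps the false-positive rate within a budget, and then shows how detection at that same threshold drops once a new family with unfamiliar features appears. All scores, labels and the "new family" are constructed for the example.

```python
"""Added example, not from the slides: how the score threshold of a
machine-learning malware classifier trades false positives against false
negatives, and how a new family with unfamiliar features erodes detection
until the model is retrained. All scores and labels are constructed."""

# Constructed (score, is_malware) pairs, as a trained model would emit
# for a held-out test set; score in [0, 1], higher = more likely malicious.
TEST_SET = [
    (0.02, False), (0.05, False), (0.11, False), (0.18, False), (0.27, False),
    (0.33, False), (0.41, False), (0.56, False), (0.63, False), (0.77, False),
    (0.35, True),  (0.48, True),  (0.59, True),  (0.68, True),  (0.72, True),
    (0.81, True),  (0.88, True),  (0.93, True),  (0.97, True),  (0.99, True),
]

# Constructed samples of a new family that the model scores low because
# its features were not represented in the training set (garbage in, garbage out).
NEW_FAMILY = [(0.22, True), (0.29, True), (0.31, True)]

def confusion(samples, threshold):
    """Count outcomes when every sample with score >= threshold is flagged."""
    counts = {"tp": 0, "fp": 0, "tn": 0, "fn": 0}
    for score, is_malware in samples:
        flagged = score >= threshold
        if flagged:
            counts["tp" if is_malware else "fp"] += 1
        else:
            counts["fn" if is_malware else "tn"] += 1
    return counts

def rates(samples, threshold):
    """(detection rate, false-positive rate) at a given threshold."""
    c = confusion(samples, threshold)
    detection = c["tp"] / (c["tp"] + c["fn"])
    fp_rate = c["fp"] / (c["fp"] + c["tn"])
    return detection, fp_rate

def threshold_for_fp_budget(samples, max_fp_rate):
    """Lowest threshold (hence highest detection) whose false-positive rate
    stays within budget. The FP rate never rises as the threshold rises, so
    the first acceptable candidate in ascending order is the answer."""
    for t in sorted({score for score, _ in samples}):
        detection, fp_rate = rates(samples, t)
        if fp_rate <= max_fp_rate:
            return t, detection, fp_rate
    return None

if __name__ == "__main__":
    for budget in (0.3, 0.1, 0.0):
        t, det, fpr = threshold_for_fp_budget(TEST_SET, budget)
        print(f"FP budget {budget:.0%}: threshold {t:.2f} -> detection {det:.0%}, FP rate {fpr:.0%}")
    # Same tuned threshold, but the test set now contains the new family.
    t, _, _ = threshold_for_fp_budget(TEST_SET, 0.1)
    det, fpr = rates(TEST_SET + NEW_FAMILY, t)
    print(f"after new family appears at threshold {t:.2f}: detection {det:.0%}, FP rate {fpr:.0%}")
```

With a 10% false-positive budget the tuned threshold detects 7 of 10 known samples; once the three low-scoring new-family samples are added, the same threshold detects 7 of 13, and lowering it to catch them would blow the false-positive budget. That is the tuning loop the slide refers to.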
Myth#2 Malware behavior does not change
• Execution on real systems or in a sandbox
  • to identify malicious behavior
• Behaviors shared with clean applications
  • execution from the Temp folder, autorun entries, self-delete, copying to multiple locations, launching a browser, etc.
  • false positives need to be minimized with reputation and whitelisting
• Malware behavior is ever changing
  • e.g. the evolution of ransomware
• Adware and PUAs are hard to detect by behavior
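The point about behaviors shared with clean software is best shown by scoring the same behaviors for a signed installer and for an unknown binary. The following is an added example, not code from the slides or from any product: behaviour weights, the alert threshold, the reputation entries (a hash list and a trusted-publisher list) and the process traces are all constructed. It assumes the caller only fills in `signer` when the code signature actually validated; an unsigned or badly signed binary gets `None`.

```python
"""Added example, not from the slides: scoring a process's observed
behaviours, then applying reputation/whitelisting so that legitimate
software doing the same things (run from Temp, add an autorun entry,
launch a browser) does not raise an alert. Weights, reputation entries
and traces are constructed."""

from dataclasses import dataclass
from typing import List, Optional, Tuple

# Behaviours the slide lists as shared between malware and clean software,
# each with a constructed weight. A total at or above ALERT_THRESHOLD alerts.
BEHAVIOUR_WEIGHTS = {
    "exec_from_temp": 2,
    "autorun_entry": 3,
    "self_delete": 4,
    "copy_multiple_locations": 3,
    "launch_browser": 1,
}
ALERT_THRESHOLD = 6

# Constructed reputation data; a real product would query a cloud
# reputation service. Hashes keyed by SHA-256, publishers by signer name.
KNOWN_GOOD_HASHES = {"sha256:constructed-hash-of-vendor-installer"}
TRUSTED_PUBLISHERS = {"Example Software Ltd"}

@dataclass
class ProcessTrace:
    sha256: str
    signer: Optional[str]      # publisher from a VALID code signature, else None
    behaviours: List[str]

def behaviour_score(trace: ProcessTrace) -> int:
    """Sum of weights for every recognised behaviour in the trace."""
    return sum(BEHAVIOUR_WEIGHTS.get(b, 0) for b in trace.behaviours)

def has_good_reputation(trace: ProcessTrace) -> bool:
    return trace.sha256 in KNOWN_GOOD_HASHES or trace.signer in TRUSTED_PUBLISHERS

def verdict(trace: ProcessTrace) -> Tuple[str, int]:
    """Return ('clean' | 'suspicious', raw behaviour score).
    Reputation is consulted only when the score would otherwise alert, so the
    score is still recorded for a trusted binary and remains visible to analysts."""
    score = behaviour_score(trace)
    if score < ALERT_THRESHOLD:
        return "clean", score
    if has_good_reputation(trace):
        return "clean", score
    return "suspicious", score

# Constructed traces: a signed installer, an unsigned dropper, a small updater.
INSTALLER = ProcessTrace("sha256:constructed-hash-of-vendor-installer", "Example Software Ltd",
                         ["exec_from_temp", "autorun_entry", "launch_browser"])
UNSIGNED_DROPPER = ProcessTrace("sha256:constructed-hash-unknown", None,
                                ["exec_from_temp", "copy_multiple_locations", "autorun_entry", "self_delete"])
UPDATER = ProcessTrace("sha256:constructed-hash-updater", None,
                       ["exec_from_temp", "launch_browser"])

if __name__ == "__main__":
    for name, trace in (("installer", INSTALLER), ("dropper", UNSIGNED_DROPPER), ("updater", UPDATER)):
        print(f"{name:<10} -> {verdict(trace)}")
```

The installer and the dropper both run from Temp and add an autorun entry; only reputation separates them. Note the failure mode the slide implies: the same installer behaviours from an unknown, unsigned binary do alert, so the quality of the reputation data decides the false-positive rate.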
Myth#3 Sandbox is a cure for all Advanced Threats
• Email and network sandboxing
• Sandbox analysis is performed based on
  • known malicious traffic – netblocks, domains, Snort rules
  • static analysis – YARA rules & analysis scripts
  • known malicious behavior – pattern matching
• Sandbox evasion techniques
  • detect the presence of a sandbox
  • delay payload execution until user interaction
  • check for signs of a real system
• Ineffective against targeted malware
  • which runs only on specific system configurations
Myth#4 Traditional AV is just signature based
Not just signature-based detections:
• algorithmic & emulator based detections
• heuristic based detections
• machine learning based detections
• cloud based detections
Endpoint Protection Systems also have
• behavior based detections
• anti-exploit detections
• firewall, IDS/IPS
• web security
AV certification methodologies have changed
Myth#5 (Next-Gen) Threat Intelligence
Legacy, signature-based intelligence feeds – avoid the hype!
• indicators of compromise
  • domains, URLs, IPv4, IPv6, hashes
• block malicious scripts based on patterns
  • for prevalent exploit kits
• threat intelligence community
  • aggregation of threat intel subscriptions gives the best results
• hourly updates – still leaves a window for compromise
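Both the sandbox slide (known malicious traffic: netblocks, domains) and the threat-intelligence slide (domains, URLs, IPv4/IPv6, hashes; hourly updates leaving a window) come down to matching observed events against an indicator feed. The following is an added example, not code from the slides or from any vendor: it parses constructed proxy, DNS and file-event log lines, matches them against a constructed feed of the indicator types the slide lists (subdomain-aware domain matching, exact URL matching, CIDR netblocks for IPv4 and IPv6 via the standard library `ipaddress` module, and hash matching), and marks each hit as "retrospective" when the event happened before the indicator entered the feed, which is exactly the window that hourly updates leave open and that a re-scan of older logs has to close. The `added` timestamps on feed entries and the log format are assumptions of the example.

```python
"""Added example, not from the slides: matching proxy, DNS and file log
lines against a threat-intelligence feed of domains, URLs, IPv4/IPv6
netblocks and hashes, and flagging events that happened before the
indicator reached the feed. All feed entries and log lines are constructed."""

import ipaddress
from datetime import datetime, timezone
from urllib.parse import urlsplit

def parse_ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

# Constructed indicator feed. 'added' is when the indicator entered the feed;
# with hourly feed updates an indicator can trail the attack by an hour or more.
FEED = [
    {"type": "domain",   "value": "c2.example.net",                          "added": "2016-12-01T11:00:00Z"},
    {"type": "url",      "value": "http://cdn.example.org/landing/gate.php", "added": "2016-12-01T11:00:00Z"},
    {"type": "netblock", "value": "198.51.100.0/24",                         "added": "2016-12-01T09:00:00Z"},
    {"type": "netblock", "value": "2001:db8:bad::/48",                       "added": "2016-12-01T09:00:00Z"},
    {"type": "hash",     "value": "00112233445566778899aabbccddeeff",        "added": "2016-12-01T10:00:00Z"},
]

# Constructed log lines: timestamp, source, then key=value fields.
LOG_LINES = [
    "2016-12-01T10:12:03Z proxy src=10.0.0.5 dst=198.51.100.77 url=http://cdn.example.org/landing/gate.php",
    "2016-12-01T10:15:41Z dns src=10.0.0.5 query=update.c2.example.net",
    "2016-12-01T10:16:02Z proxy src=10.0.0.9 dst=2001:db8:bad:1::10 url=https://[2001:db8:bad:1::10]/beacon",
    "2016-12-01T10:20:00Z file host=ws07 md5=00112233445566778899aabbccddeeff path=C:\\Temp\\inv.exe",
    "2016-12-01T10:25:00Z dns src=10.0.0.12 query=www.example.com",
]

def parse_line(line):
    """Split 'TS SOURCE k=v k=v ...' into a dict with a parsed timestamp."""
    ts, source, *fields = line.split()
    rec = {"ts": parse_ts(ts), "source": source}
    for f in fields:
        key, _, value = f.partition("=")
        rec[key] = value
    return rec

def domain_hit(name, indicator):
    """Match the host itself or any subdomain of the indicator (case-insensitive)."""
    name = name.lower().rstrip(".")
    return name == indicator or name.endswith("." + indicator)

def ip_hit(addr, netblock):
    """True when addr lies in netblock; IPv4/IPv6 mismatches simply do not match."""
    try:
        return ipaddress.ip_address(addr) in ipaddress.ip_network(netblock)
    except ValueError:  # not an IP literal (e.g. a hostname)
        return False

def match_record(rec, feed=FEED):
    """Return (type, value, retrospective) for every indicator the record hits.
    retrospective=True means the event predates the indicator's arrival in the
    feed: it was invisible to live blocking and only surfaces when stored logs
    are re-scanned against the updated feed."""
    hosts = [rec["query"]] if "query" in rec else []
    if "url" in rec and urlsplit(rec["url"]).hostname:
        hosts.append(urlsplit(rec["url"]).hostname)
    ips = [rec["dst"]] if "dst" in rec else []
    hits = []
    for ind in feed:
        kind, value = ind["type"], ind["value"]
        if kind == "domain":
            hit = any(domain_hit(h, value) for h in hosts)
        elif kind == "url":
            hit = rec.get("url") == value
        elif kind == "netblock":
            hit = any(ip_hit(ip, value) for ip in ips)
        else:  # hash
            hit = value in (rec.get("md5"), rec.get("sha256"))
        if hit:
            hits.append((kind, value, rec["ts"] < parse_ts(ind["added"])))
    return hits

def scan(lines=LOG_LINES, feed=FEED):
    """Scan every line; return (line, hits) for each line with at least one hit."""
    results = []
    for line in lines:
        hits = match_record(parse_line(line), feed)
        if hits:
            results.append((line, hits))
    return results

if __name__ == "__main__":
    for line, hits in scan():
        print(line)
        for kind, value, retro in hits:
            print(f"   {kind:<9} {value}{'  (retrospective hit)' if retro else ''}")
```

Of the five hits over the constructed logs, two (the landing URL and the C2 domain) are retrospective: the traffic occurred at 10:12 and 10:15 but the indicators arrived in the 11:00 update. Aggregating more feeds shortens that gap; only periodic re-scanning of retained logs actually closes it.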
VirusTotal & Next-Gen AVs
Maintaining a healthy community (VirusTotal policy):
"all scanning companies will now be required to integrate their detection scanner in the public VT interface, in order to be eligible to receive antivirus results as part of their VirusTotal API services."
VirusTotal should not be used to generate comparative metrics between different antivirus products. Antivirus engines can be sophisticated tools that have additional detection features that may not function within the VirusTotal scanning environment.
VirusTotal & Next-Gen AVs
NG-AV 1 - "The Industry's Best Machine Learning Next-Gen AV"
NG-AV 2 - "machine learning engine designed to identify previously unknown malware"
MD5: feb93aaab2357f00c23b06b7a6cab4c9
Comparison of Next-Gen Security Products
Source: AV-Comparatives - Malware Protection and False Alarm Test, Oct 2016
Source: MRG Effitas - Exploit Test, Oct 2016
AV-Comparatives
First public comparative Next-Gen Security test report
• a number of vendors refused to participate
• some products only provide logging rather than protection
• protection features are deactivated by default
• may not be available as a trial version
• do not sell to testing labs
Endpoint Protection - Layered Security Approach
• Threat Intelligence
• Email Protection
• Web Security
• Firewall / IPS
• Anti-Virus / Anti-Malware
• Behavior Based Protection
• Anti-Exploit
• Patch Management
• Application Control
• Data Protection
Just Missing in Action?
Having the right expectations from anti-malware products
• ransomware & data protection
• mobile devices, IoT
Malware-less attacks
• using legitimate remote administration applications
"ain't a horse that can't be rode, ain't a man that can't be throwed"
Defense against insider threats?
Walking cyber security threats
Theory of convenience
And the world needs to pay a high price!
Conclusion
• Security products have multiple detection mechanisms
• Threat-centric security technologies
• The approach to security needs to evolve constantly
• There is no silver bullet that solves all cyber security issues
• Go beyond the Next-Gen hype!
Any Questions?
Thank You!
Call us at: 1800-121-7377
Write to us at: support@quickheal.com
Visit us: www.quickheal.com
Jnana Sangama Day 1 - National convention for higher education
 
Event S-Mart Milan, Italy - May 2016
Event S-Mart Milan, Italy - May 2016Event S-Mart Milan, Italy - May 2016
Event S-Mart Milan, Italy - May 2016
 
Event S-Mart 2016 Florence, Italy - April 2016
Event S-Mart 2016 Florence, Italy - April 2016Event S-Mart 2016 Florence, Italy - April 2016
Event S-Mart 2016 Florence, Italy - April 2016
 
Cyber Security Predictions 2016
Cyber Security Predictions 2016Cyber Security Predictions 2016
Cyber Security Predictions 2016
 
7 Simple Tips to Take Care of your New Android Phone
7 Simple Tips to Take Care of your New Android Phone7 Simple Tips to Take Care of your New Android Phone
7 Simple Tips to Take Care of your New Android Phone
 

Recently uploaded

英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作qr0udbr0
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...OnePlan Solutions
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Matt Ray
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaHanief Utama
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfFerryKemperman
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....kzayra69
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Velvetech LLC
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024StefanoLambiase
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...Technogeeks
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 

Recently uploaded (20)

英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....
 
2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 

Is Antivirus (AV) Dead or Just Missing in Action

  • 1. Is AV Dead Or Just Missing in Action? Rajesh Nikam, Quick Heal Technologies Ltd., December 2016
  • 2. Agenda
    1. Traditional AV vs Next-Gen Security Products
    2. Busting Security Myths
    3. VirusTotal & Next-Gen AVs
    4. Comparison of Next-Gen Security Products
    5. Conclusion
  • 5. Traditional AV vs Next-Gen Security Products
    Traditional AV
    • Signature based, blacklisting & reactive approach
    • Latency between samples reported, analysis and release of signature for detection
    • Complex samples using detection evasion mechanisms
    • Ineffective against exploits targeting vulnerabilities in
      • Adobe, Microsoft Office file formats
      • Operating Systems, Web Browsers
      • Java and other applications
    • Fileless malware attacks
    Threat landscape & Computer Security is ever evolving
  • 6. Next-Gen Security Products
    Big change in the approach to how threats are detected
    • Endpoints are acting as sensors
    • No longer dependent on a signature based approach
    • Threat Intelligence – indicators of compromise, context aware
    • Ideally no latency in getting protection to all users
    • Products at the perimeter of enterprises
      • scanning web traffic, email messages
    Traditional AV vs Next-Gen Security Products
  • 8. Busting Security Myths
    • Threat Intelligence
    • Traditional AV is just signature based
    • Machine Learning solves all problems
    • Malware behavior does not change
    • Sandbox cure for all Advanced Threats
    • (Next-Gen) Threat Intelligence
  • 9. Myth#1 Machine Learning solves all problems
    • Building models based on training sets and anomalies
    • Effectiveness depends on accurate feature engineering
      • needs strong domain expertise
    • Needs tuning of models for changing threats
      • challenge in scaling the model to a large number of samples
    • False Positives vs False Negatives
    • Efficacy against advanced threats
      • specific, targeted and unknown samples
    • Garbage In Garbage Out (GIGO)
    • Best Next-Gen AVs with machine learning engines
  • 10. Myth#2 Malware behavior does not change
    • Execution on real systems or in a sandbox
      • to identify malicious behavior
    • Behavior common with clean applications
      • execution from temp folder, autorun entries, self-delete, copy to multiple locations, launch browser etc.
      • need to minimize false positives with reputation and whitelisting
    • Malware behavior is ever changing
      • e.g. evolution of ransomware
    • Adware, PUAs are hard to detect with behavior alone
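    The false-positive problem on this slide (temp-folder execution, autorun entries, self-delete and similar behaviours are shared by installers and updaters) is easiest to see in a small scoring pass. The following is an added example, not code from the slides or from Quick Heal's products: weak behaviours carry low weights, a few behaviours rarely seen in clean software carry high weights, and a reputation list short-circuits only the weak signals, so a vetted binary that starts encrypting files en masse still alerts. Every process name, hash and behaviour trace is constructed for illustration.

```python
"""Added example (not from the slides): behaviour scoring with reputation layered on top."""
from dataclasses import dataclass, field

# Behaviours the slide lists as common with clean applications: weak signals, low weight.
WEAK_BEHAVIOURS = {
    "exec_from_temp": 1,
    "autorun_entry": 1,
    "self_delete": 1,
    "copy_multiple_locations": 1,
    "launch_browser": 1,
}
# Behaviours rarely seen in legitimate software: strong signals, high weight.
STRONG_BEHAVIOURS = {
    "mass_file_encrypt": 5,
    "delete_shadow_copies": 5,
    "inject_into_other_process": 3,
}
ALERT_THRESHOLD = 5

# Constructed reputation list of (name, sha256) pairs an analyst has vetted.
# A real product would consult signed-publisher data or a cloud reputation service.
KNOWN_GOOD = {
    ("ExampleSoft Installer", "0" * 64),  # placeholder hash, constructed
}


@dataclass
class ProcessTrace:
    name: str
    sha256: str
    behaviours: list = field(default_factory=list)


def behaviour_score(trace):
    """Sum of weights over observed behaviours; behaviours not in either table count 0."""
    return sum(WEAK_BEHAVIOURS.get(b, 0) + STRONG_BEHAVIOURS.get(b, 0)
               for b in trace.behaviours)


def verdict(trace):
    """Return (decision, score, reason). Reputation suppresses weak signals only:
    a whitelisted binary showing a strong behaviour falls through to the threshold."""
    score = behaviour_score(trace)
    strong = [b for b in trace.behaviours if b in STRONG_BEHAVIOURS]
    if (trace.name, trace.sha256) in KNOWN_GOOD and not strong:
        return ("allow", score, "whitelisted, only weak behaviours observed")
    if score >= ALERT_THRESHOLD:
        return ("alert", score, "score reached threshold")
    return ("allow", score, "below threshold")


# Constructed traces: the first two show the same installer-like behaviours, so
# without reputation the vetted installer would be a false positive.
INSTALLER_LIKE = list(WEAK_BEHAVIOURS)
SAMPLE_TRACES = {
    "vetted_installer": ProcessTrace("ExampleSoft Installer", "0" * 64, INSTALLER_LIKE),
    "unknown_dropper": ProcessTrace("update.exe", "1" * 64, INSTALLER_LIKE),
    "encryptor": ProcessTrace("invoice.exe", "2" * 64,
                              ["exec_from_temp", "mass_file_encrypt", "delete_shadow_copies"]),
    "vetted_but_encrypting": ProcessTrace("ExampleSoft Installer", "0" * 64, ["mass_file_encrypt"]),
}


def triage_all(traces=SAMPLE_TRACES):
    """Map each trace label to its decision string."""
    return {label: verdict(t)[0] for label, t in traces.items()}


if __name__ == "__main__":
    for label, trace in SAMPLE_TRACES.items():
        print(label, verdict(trace))
```

    The weights and threshold are arbitrary; the point is the ordering of checks, since applying the whitelist after the threshold would suppress the strong signal too.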
  • 11. Myth#3 Sandbox cure for all Advanced Threats
    • Email, Network sandboxing
    • Sandbox analysis is performed based on
      • known malicious traffic – netblocks, domains, snort rules
      • static analysis – yara rules & analysis scripts
      • known malicious behavior – pattern matching
    • Sandbox evasion techniques
      • detect presence of sandboxes
      • delay payload execution until user interaction
      • check for signs of a real system
    • Ineffective against targeted malware
      • which runs only on specific system configurations
  • 12. Myth#4 Traditional AV is just signature based
    Not just signature based detections
    • algorithmic & emulator based detections
    • heuristic based detections
    • machine learning based detections
    • cloud based detections
    Endpoint Protection Systems have
    • behavior based detections
    • anti-exploit detections
    • firewall, IDS/IPS
    • web security
    AV-Certification methodologies have changed
  • 13. Myth#5 (Next-Gen) Threat Intelligence
    Legacy, signature-based intelligence feeds
    Avoid the hype!
    • indicators of compromise
      • domains, urls, ipv4, ipv6, hashes
    • block malicious scripts based on patterns
      • for prevalent exploit kits
    • threat intelligence community
      • aggregation of threat intel subscriptions gives the best results
    • hourly updates – still leaves a window for compromise
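    The last two bullets of Myth#5 are the substance of the "signature-based feed" criticism: an indicator only protects an endpoint once the next feed refresh has delivered it, and indicators must be normalized before comparison or trivially different spellings (an upper-case domain, an expanded IPv6 address) slip past. The block below is an added example, not code from the slides or any vendor's product. It indexes a constructed feed of the indicator types the slide lists (domains, URLs, IPv4, IPv6, hashes), classifies constructed endpoint events against it, and reports whether each event fell inside the hourly refresh window. The `FEED_REFRESH` value and every indicator are assumptions; the addresses come from the RFC 5737 and RFC 3849 documentation ranges and the hashes are placeholders.

```python
"""Added example (not from the slides): IoC matching with a feed-refresh exposure window."""
from datetime import datetime, timedelta
import ipaddress

# Constructed feed; "published" is when the indicator became available upstream (UTC).
FEED = [
    {"type": "domain", "value": "bad.example", "published": datetime(2016, 10, 1, 10, 0)},
    {"type": "url", "value": "http://bad.example/landing.php", "published": datetime(2016, 10, 1, 10, 0)},
    {"type": "ipv4", "value": "198.51.100.23", "published": datetime(2016, 10, 1, 11, 0)},  # RFC 5737 range
    {"type": "ipv6", "value": "2001:db8::1", "published": datetime(2016, 10, 1, 11, 0)},  # RFC 3849 range
    {"type": "sha256", "value": "a" * 64, "published": datetime(2016, 10, 1, 12, 0)},  # placeholder hash
]
FEED_REFRESH = timedelta(hours=1)  # the "hourly updates" from the slide (assumed)


def normalize(ind_type, value):
    """Canonical form per indicator type so equivalent spellings compare equal."""
    if ind_type in ("ipv4", "ipv6"):
        return str(ipaddress.ip_address(value))  # collapses IPv6 zero runs, strips leading zeros
    if ind_type == "domain":
        return value.lower().rstrip(".")  # case-insensitive, drop trailing root dot
    return value.lower()  # urls and hex hashes: case-insensitive compare


def build_index(feed):
    """Map (type, canonical value) -> publication time."""
    return {(e["type"], normalize(e["type"], e["value"])): e["published"] for e in feed}


def classify_event(index, event):
    """Return one of: blocked, missed_in_refresh_window, predates_indicator, no_indicator."""
    key = (event["type"], normalize(event["type"], event["value"]))
    published = index.get(key)
    if published is None:
        return "no_indicator"
    # Worst case for a polling client: the indicator lands one full refresh after publication.
    available_on_endpoint = published + FEED_REFRESH
    if event["time"] >= available_on_endpoint:
        return "blocked"
    if event["time"] >= published:
        return "missed_in_refresh_window"
    return "predates_indicator"


def triage(events, feed=FEED):
    """Classify each event by id against the feed."""
    index = build_index(feed)
    return {e["id"]: classify_event(index, e) for e in events}


# Constructed endpoint events (UTC). e2 uses the expanded IPv6 spelling on purpose.
SAMPLE_EVENTS = [
    {"id": "e1", "type": "domain", "value": "BAD.example.", "time": datetime(2016, 10, 1, 13, 0)},
    {"id": "e2", "type": "ipv6", "value": "2001:0db8:0000:0000:0000:0000:0000:0001",
     "time": datetime(2016, 10, 1, 11, 30)},
    {"id": "e3", "type": "sha256", "value": "A" * 64, "time": datetime(2016, 10, 1, 11, 0)},
    {"id": "e4", "type": "ipv4", "value": "203.0.113.5", "time": datetime(2016, 10, 1, 14, 0)},
]


if __name__ == "__main__":
    for event_id, outcome in triage(SAMPLE_EVENTS).items():
        print(event_id, outcome)
```

    Event e2 is the one the slide warns about: the indicator existed at 11:00 but a client refreshing hourly would not have it until 12:00, so the 11:30 connection goes through. Counting the `missed_in_refresh_window` outcomes over real telemetry is a direct way to measure how much a feed's latency costs a given environment.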
  • 15. VirusTotal & Next-Gen AVs
    Maintaining a healthy community: “all scanning companies will now be required to integrate their detection scanner in the public VT interface, in order to be eligible to receive antivirus results as part of their VirusTotal API services.”
    VirusTotal should not be used to generate comparative metrics between different antivirus products. Antivirus engines can be sophisticated tools that have additional detection features that may not function within the VirusTotal scanning environment.
  • 16. VirusTotal & Next-Gen AVs
    • NG-AV 1 - The Industry’s Best Machine Learning Next-Gen AV
    • NG-AV 2 - machine learning engine designed to identify previously unknown malware
    MD5: feb93aaab2357f00c23b06b7a6cab4c9
  • 18. Comparison of Next-Gen Security Products
    Source: AV-Comparatives - Malware Protection and False Alarm Test, Oct 2016
  • 19. Comparison of Next-Gen Security Products
    Source: MRG Effitas - Exploit Test, Oct 2016
  • 20. Comparison of Next-Gen Security Products
    AV-Comparatives: first public comparative Next-Gen Security test report
    • a number of vendors refused to participate
    • some products only provide logging rather than protecting
    • protection features are deactivated by default
    • may not be available as a trial version
    • do not sell to testing labs
  • 21. Endpoint Protection - Layered Security Approach
    • Threat Intelligence
    • Email Protection
    • Web Security
    • Firewall / IPS
    • Anti-Virus / Anti-Malware
    • Behavior Based Protection
    • Anti-Exploit
    • Patch Management
    • Application Control
    • Data Protection
  • 22. Just Missing in Action?
    Having the right expectations from anti-malware products
    • ransomware & data protection
    • mobile devices, IoTs
    Malware-less attacks
    • using legitimate remote administration applications
  • 23. "ain't a horse that can't be rode, ain't a man that can't be throwed"
  • 24. Defense against insider threats?
    • Walking cyber security threats
    • Theory of convenience → and the world needs to pay a high price!
  • 25. Conclusion
    • Security products have multiple detection mechanisms
    • Threat-centric security technologies
    • Approach to security needs to be constantly evolved
    • No silver bullet to solve all cyber security issues
    • Go beyond the Next-Gen hype!
  • 26. Any Questions? Thank You!
    Call us at: 1800-121-7377
    Write to us at: support@quickheal.com
    Visit us: www.quickheal.com