At long last (OK, maybe not that long), we have assembled the Evolving Endpoint Malware Detection series and packaged it as a paper. You can check out the landing page to find out more, but this description sums it up:
The good news is that endpoint security vendors recognized their traditional approaches were about as viable as dodo birds a few years back. They have been developing improved approaches – the resulting products have reduced footprints requiring far less computing resources on the device, and are generally decent at detecting simple attacks. But as we have described, simple attacks aren’t the ones to worry about. So we will investigate how endpoint protection will evolve to better detect and hopefully block the current wave of attacks.
We would like to thank Trusteer for licensing the content in this paper, and keep in mind that your work is never done. The bad guys (and gals) will continue innovating to steal your data, so your detection techniques need to evolve as well.
Direct Download: Evolving Endpoint Malware Detection (PDF)
For those of you interested in the raw material, here are the posts that made up the series: