We know it’s a shock, but your endpoint protection suite isn’t doing a good enough job of blocking malware attacks. So the industry has resorted to additional layers of inspection, detection, and even protection to address its shortcomings. One place where focus is turning, and which is seeing considerable innovation, is the network. We see a new set of devices and enhancements to existing perimeter platforms, focused on detecting and blocking malware. A paragraph from Network-Based Malware Detection: Filling the Gaps of AV says it best:
We have been doing anti-virus for years and it hasn’t worked. Malware detection moving forward is about really understanding what the files are doing, and then determining whether that behavior is bad. By leveraging the collective power of the network we can profile bad stuff much more quickly. With the advancement of network security technology we can start to analyze those files before they make their way onto our devices. Can we actually prevent an attack? Under the right circumstances, yes.
We would like to thank Palo Alto Networks for sponsoring this research, and making sure you can read it for a remarkably fair price.
You can download the paper directly: Network-Based Malware Detection: Filling the Gaps of AV
The paper is based on several posts:
Reader interactions
One Reply to “[New White Paper] Network-Based Malware Detection: Filling the Gaps of AV”
Looking to see if an infected PC can be detected from the SSL VPN server end. Jathin Ullal 408 953 7188