2 comments


  • One of the issues is understanding what malware is. On a general basis it should be classified as ANY software that was not authorized to run on a system. The defense is how to protect it from landing on your systems. The best way is to have strong controls not only at the application but also at the configuration level. Much of today’s malware is entering through other applications (browsing, injections, etc.) and some is so stealthy that it is disguised as drivers and Java code. Strong file integrity monitoring and dynamic whitelisting could actually save money in the long run by providing a host defense against 0-day vulnerabilities and other changes. The key is to keep it all running after all!

    February 12, 2009
  • […] can apply hardening techniques like those above and antimalware techniques like HIPS, as mentioned earlier. You can lock down your network and user rights. There are a lot of other things that you can […]

    February 19, 2009
