No one will argue that deploying security updates is important, but a recent exploit showed the difference between having a patch available and actually implementing it (again). Today’s reality is that hackers are far quicker to exploit known vulnerabilities than users are to patch them.
In the article, “Hackers move fast to exploit just-patched IE bug,” Symantec reported that after Microsoft issued a patch for 11 bugs in Internet Explorer last week, active attacks were spotted on one of the “patched” vulnerabilities just three days later. Although the vulnerability has seen limited attacks at this point, it is another in a long line of examples that demonstrate why enterprises need multiple layers of protection–most of which truly need to be completely out of the hands of users.
What good are security updates if hackers can jump right back in and exploit the same vulnerability? Honestly, the impact of an unpatched vulnerability would be significantly less if the endpoint protection (specifically antivirus technology) was effective at stopping the payload. As is becoming more and more evident, this is not the case. Traditional antivirus solutions are continuing to fall further behind in stopping the growing volume of malware exploits and variants.
[Time for the shameless plug. You can exit now if you don't want to know how to help actually solve the dilemma.]
Rather than reactively patching or depending on blacklists to identify and stop the tens of thousands of new online threats that come along each day (60,000 a day, according to Gartner), organizations need to take a proactive approach to not only protect their endpoints from all known and unknown malware threats, but also gain total application control of their systems to allow only what they want to run on their networks at all times.
CoreTrace’s Bouncer application whitelisting solution does this by providing complete insight and control over all installed applications across a highly distributed environment. By combining total application control with advanced, non-intrusive self-defending mechanisms, Bouncer helps organizations stop all known bad and unauthorized applications from running on any endpoints–including those that exploit a known, unpatched vulnerability.
by JT Keating
No comments:
Post a Comment