Anti-Virus, the traditional response, is a classic solution against already known threats, in many of those cases based on signature detection. But Anti-Virus is getting worse at detecting both known and new threats, as discussed here http://www.csoonline.com/article/3159073/computers/is-antivirus-getting-worse.html
Symantec, the giant Anti-Virus manufacturer has declared: “AV software, which is used to prevent, detect and remove or disarm malicious computer programs and malware threats, is not sufficient protection on its own because it only protects against the bad software that we already know exists.”
By their own admission, we realize that essentially, Anti-Virus is only a reactive technology. It’s like medicine for a disease, there is no general medicine or a one size fits all solution. You have to know about a threat in order to write detection for it. It also means that although Anti-Virus does a good job of catching new variants of existing threats, it doesn’t catch everything.
Today’s security landscape requires proactive attack protection to supplement basic Anti-Virus. Being armed with only Anti-Virus is like fighting with one arm tied behind your back. Anti-Virus is not a sufficiently secure tool when there is a need to provide an adequate solution to detect and prevent against Zero Day Attacks (unknown attacks).
Therefore, to meet the challenges of today’s tha reats, there is a necessity to implement real deep content filtering system that is much more than only Anti-Virus. Only a real deep content filtering system is the response for threats within complex files, which can be detected and stopped or removed at the gateway level, before the attack-vectors can enter the inside of the organization. A solution that has a real deep content filtering system, ensures that the user will receive a filtered file of the same quality and format as the original one, even in case of unstructured complex files, and will be able to use it as if it were un-touched. Deep content filtering will include:
- Analyze: Screen files as a complex container, which Anti-Viruses only do partially.
- Remediate: Blocking / removing / resetting unwanted embedded files and objects, which Anti-Viruses don’t do at all.
- Synthesize: Rebuilding / renewing / reassembling new filtered files, which Anti-Viruses don’t do at all.
What does your proactive plan to safeguard your data look like?