Salt Lake City, UT (Vocus) December 12, 2006
Burton Group, an IT research firm focused on technical analysis of enterprise infrastructure technologies, has released a three-part research series to help enterprise organizations build a full spectrum defense against malware.
According to Dan Blum, Burton Group senior vice president and research director, "with more targeted attacks and better attack construction tools, there is much more 'zero day' malware in the wild. Yet protection products generally detect less than 50% of previously unseen malware."
Blum says the status quo practice of relying heavily on signature-based detection is not adequate because vendors can't keep up with the constant flood of new malware that exposes organizations to a window of vulnerability. However, while heuristic and behavioral detection will become more important, signature detection will still be required. This and other malware predictions are available at Burton Group's Inflection Point podcast site at http://inflectionpoint.burtongroup.com.
Blum's core recommendation is that organizations adopt a full-spectrum defense that includes endpoint, network/perimeter, application, service provider, and law enforcement layers. This strategy should incorporate a risk- and information-centric view of protection into the way enterprises govern and control infrastructure, business units, users, and partners.
Blum notes that the need for anti-malware defenses drives much of the current IT security market, but the market is changing. The top anti-malware vendors today include Symantec, McAfee, and Trend Micro. There are also a number of second-tier suppliers, all host-based anti-malware vendors who are driving to provide unified endpoint protection offerings with strong enterprise management features. Competitive pressures will increase with Microsoft's anticipated entry into the enterprise anti-malware space in mid-2007.
The three-part research series consists of:
- Technology & Standards report providing a detailed analysis of malware threats, including eleven malware predictions for 2007
- Market Landscape report containing a comprehensive review of host, network, and service provider anti-malware markets
- Methodologies and Best Practices document recounting enterprise perspectives on the anti-malware battlefield, exploring lessons learned, and providing a reference RFI for organizations seeking malware products
A podcast about this series, including a PDF of Burton Group's 2007 malware predictions, is available at Burton Group Inflection Point (http://inflectionpoint.burtongroup.com), a complimentary resource that includes podcasts, blogs, and research.
Burton Group (http://www.burtongroup.com) helps technologists make smart enterprise architecture decisions in increasingly complex environments. Burton Group's research and advisory services focus on technical analysis of infrastructure technologies relating to security, identity management, web services, service-oriented architecture, collaboration, content management, and network and telecom.