
Host Based Antivirus Near Its End

May 07, 2014

I read an article the other day where Symantec's information security chief declares the traditional antivirus is "dead" and "doomed to failure." With recent stories like this in the news, it is apparent that an organization’s security strategy has to include more than just host based antivirus.

Antivirus has long been a checkbox item that organizations fulfill as a matter of habit (because it has always been done). Over the years, however, security technology has changed vastly, enabling attacks to be detected in real time “on the wire” instead of relying on traditional host based antivirus.

Host based antivirus has always been limited by the computing power of the client’s machine: more restrictive rules slow computers down, and only a limited number of antivirus signatures can be stored and executed. Dedicated security appliances work differently, allowing many more signatures and detecting infection outbreaks across an organization’s global network with methods that do not directly affect a client’s machine.

Antivirus products attempt to prevent malicious viruses and malware at the computer endpoint, while new technologies aim to identify when attacks are happening, reveal the attacker's location and methods, and prevent or block the damage. But as with all security solutions, it is important that these new “on the wire” systems be configured correctly; they should be set to blocking mode, as they will not provide any defense in monitor mode.

With the proper implementation and tuning, these new security tools and products can become an effective part of your organization’s overall security strategy.
