Antivirus Archives - Les Olson IT
https://lesolson.redpeppersoftware.net/blog/tag/antivirus/

8 Questions to Ask Before Buying an Endpoint Security Solution
https://lesolson.redpeppersoftware.net/blog/8-questions-to-ask-before-buying-an-endpoint-security-solution/
Mon, 17 Aug 2020 14:47:02 +0000

If you’re weighing endpoint security solutions, there are many options out there. However, solutions vary greatly in how effectively they can protect your network. We want to help you make the best decision possible, so here are our top 8 questions to ask before buying an endpoint security solution, and why they are important.

 

1) Does the solution employ foundational techniques (traditional), modern techniques (next-gen), or a combination of both?

Solutions that have been around for a while and rely on foundational techniques are very effective against known threats. The issue is that foundational techniques cannot effectively address unknown threats. As solutions have become more effective at combating known threats, hackers have adapted at a rapid rate. This means it’s imperative to employ a next-gen solution that can respond to threats it has never encountered before and that also utilizes proven foundational tactics.

 

Foundational Techniques include signature-based detection of known malware, application lockdown to prevent malicious behaviors of applications, behavioral monitoring/host intrusion prevention system to protect computers from unidentified viruses and suspicious behavior, web protection for URL lookup and blocking of known malicious websites, web control for endpoint web filtering, and data loss prevention to prevent the last stages of attacks that initially go unnoticed.

 

Next-gen techniques are the other piece of the puzzle, giving you machine learning to detect both known and unknown malware without relying on signatures, anti-exploit technology to prevent attackers from using the tools and techniques they rely on in their attack chains, ransomware-specific solutions to prevent the malicious encryption of data, technology designed to prevent the theft of authentication passwords, privilege escalation, process protection to prevent the use of techniques like code cave and AtomBombing, endpoint detection and response for providing detailed information when hunting down evasive threats, and incident response/synchronized security to automatically respond to incidents and communicate with other security tools.

 

2) How does the solution detect unknown threats? Does it have machine learning capabilities?

Malware includes both known and never-before-seen threats. While it’s easy to address a known issue, it’s obviously another thing to fight a problem you don’t even know exists. It’s no surprise that many solutions struggle to detect unknown malware threats. It’s highly important to find a solution that fights unknown threats because they are far more common than known threats. SophosLabs reports seeing approximately 400,000 pieces of unknown malware each day. The way you address unknown threats is to utilize machine learning.

 

3) If the solution does claim to utilize machine learning, what type of machine learning is used?

There are multiple methods of machine learning, including deep learning neural networks, Random Forest, Bayesian, and Clustering. Whatever the method, machine learning engines should be built to detect known and unknown malware, without relying on signatures. The advantage of machine learning is that it can detect malware that has never been seen before. You should be sure to evaluate the malware detection rate, false positive rate, and performance impact of any machine learning-based solution you consider.

 

4) What technology is deployed to prevent exploit-based and file-less attacks?

Not all attacks rely on malware. Exploit-based attacks take advantage of software bugs and vulnerabilities in order to gain access and control of your devices. Weaponized documents and malicious code hidden in legitimate programs and websites are common techniques used in these attacks. Other techniques include man-in-the-browser attacks, in which malware is used to infect a browser so attackers can view and manipulate traffic, and using web traffic for malicious purposes. It is important to determine what capabilities your solution has for preventing such attacks.

 

5) Is the solution specifically designed to stop ransomware?

Ransomware is an extremely common threat. There are two primary types of ransomware: file encryptors, which encrypt the victim’s files and hold them for ransom, and disk encryptors, which lock up the victim’s entire hard drive or wipe it completely. Some solutions are specifically designed to prevent the malicious encryption of data by ransomware. Ransomware-specific solutions are also usually able to remediate impacted files.

 

6) Does the solution’s creator have third-party results that validate their approach?

Many endpoint security solution vendors make big claims about their products. It’s important that you can validate their claims and compare them to other solutions via a third-party evaluator. Some resources include MRG Effitas and their 360 Degree Assessment & Certification report, Gartner Magic Quadrant for Endpoint Protection Platforms, The Forrester Wave for Endpoint Security Suites, ESG Labs reviews, and AV-Comparatives Business Security Test, among others.

 

7) Can the solution ask detailed threat hunting and IT security operations questions?

Are you able to ask questions about what has happened in the past and what is happening now on your endpoints so you can detect active adversaries and maintain security hygiene? Some questions you may want to ask include:

  • Are processes trying to make a network connection on non-standard ports?
  • Which devices have known vulnerabilities, unknown services, or unauthorized browser extensions?
  • What is the scope and impact of security incidents?
  • Have any attacks gone unnoticed?
  • Are there any indicators of compromise across the network?
  • Are we able to prioritize events for further investigation?
  • Will we be able to accurately report on our organization’s security posture at any given moment?

 

8) What visibility is provided into attacks, and can the solution respond automatically?

At a minimum, your endpoint security solution should provide insight into the incidents that occur to help you avoid future incidents. Ideally, though, it would automatically respond to issues without the need for analysis or manual intervention.

 

As cyber threats continue to grow in complexity and volume, it’s more important than ever to have an effective endpoint security solution in place. We recommend Sophos Intercept X, an endpoint security solution that combines the best of traditional and next-gen techniques for security that is proven to be effective. Sophos Intercept X is top-rated by dozens of third-party evaluators. Les Olson Company is your source for IT Services in Utah and Las Vegas. Our team of network security experts can help your business get the right solution in place.

 

Intercept X Third Party Test Results and Top Analyst Reports:

SE Labs
  • AAA Rated for Enterprise – 100% total accuracy rating
  • AAA Rated for SMB – 100% total accuracy rating
  • AAA Rated for Consumer – 100% total accuracy rating
AV-Comparatives
  • Ranked #1 for Malware Protection (99.9% detection, zero false alarms)
  • Ranked #1 for Malware Protection
  • Ranked #1 for Exploit Protection
  • 100% block rate, 0 false positives 360 Degree Assessment
  • Editor’s Choice
  • Top Product: 6/6 Protection, 6/6 Usability, 5.6/6 Performance
  • #1 macOS protection: 6/6 Protection, 6/6 Usability, 6/6 Performance
  • AV-Test (Android): Perfect Score
Gartner
  • Leader: 2019 EPP Magic Quadrant
  • Leader: 2018 Endpoint Security Wave

The Problem with Traditional Antivirus Software
https://lesolson.redpeppersoftware.net/blog/the-problem-with-traditional-antivirus-software/
Wed, 25 Jul 2018 16:12:41 +0000


So your business uses Antivirus Software, you’re all set, right? Not so. The problem with traditional Antivirus Software is that it can only defend against known threats. In this article we’ll discover the monumental shift in the threat landscape and why mom and dad’s Antivirus Software just isn’t cutting it anymore.

Years ago the primary form of attack was “generic malware,” a type of threat that is easily blocked by basic antivirus software. The thing is, today generic malware only makes up about 12% of cyberattacks. Wait…what’s the other 88%? As you see in the graph below, ransomware, email malware, and other advanced malware have become most common.

[Image: graph of cyberattack types]

If you’re thinking maybe you’ll take your chances and hope you just get hit with Generic Malware, you might want to think again. According to the State of Endpoint Security Today Survey, 54% of organizations were hit an average of two times in 2017, and most organizations admit they have no exploit prevention capabilities.

Let’s break down what we mean by known vs. unknown threats:

Known:

Traditional security products are designed to act once they encounter something they know to be malicious. These are attacks that are already known to exist and for which measures have been taken to block them in the future. Unfortunately, with traditional antivirus there is always a gap between when threats begin causing trouble and when vendors update their software to block the attack moving forward.

Unknown:

To avoid being detected by antivirus software, hackers need to create a completely new threat. And they’re really good at it too. SophosLabs has said they receive and process 400,000 previously unseen malware samples every day. They also say that three quarters of the malicious files they encounter are unique to a single organization.

How can you fight back against attacks that have never been seen before, and may never be seen again?

Predictive security

That’s where predictive security comes in. Predictive security utilizes deep learning technology to go much further than simply reacting to threats. If you ever talk to Siri, Alexa or Cortana, you’ve had personal experience with deep learning. In fact, it’s all around us, from facial and voice recognition to self-driving cars and language translation. Deep learning is an advanced form of machine learning that was originally inspired by the way the human brain works. It can make predictions about data it has never seen based on the data it is trained on.

When deep learning is applied to the detection of malware and potentially malicious programs, it goes far beyond what traditional antivirus is capable of. One of the solutions that utilizes predictive security is Intercept X by Sophos. Intercept X extracts millions of attributes about a file it’s analyzing and runs them through its deep learning model to determine whether the file is good or bad. This intelligent solution is highly effective at protecting against the unknown, stopping malware before it executes and denying the attacker their opportunity to leverage your data.

In January 2018, ESG Labs tested the latest version of Intercept X with real world advanced attacks. The results? “Intercept X stopped 100% of the exploit techniques that were missed by the traditional antivirus application.” – ESG Labs, A New Approach to Endpoint Security for Today’s Threats

“We haven’t found another product that can boast the high detection and low false positive levels of Intercept X,” said Denney Fifield, Director of Technical Services at Strong and Hanni.
