Defeating Malware: Isolate and Sanitize Rather than Detect
Detection has historically been at the foundation in the fight against malware infections. In theory, if malware can be detected, then actions can be taken to mitigate. Yet, as history has also shown, this “detect and then act” sequence has chinks in its effectiveness armor.
To be effective, malware detection and mitigation need to be comprehensive, accurate, intuitive (i.e., straightforward interpretation of detection alerts), and as rapid and scalable in operation as malware developers. Also, user transparency and a low tax on physical IT assets (bandwidth, storage, and computation) and staff (lifecycle administration and user helpdesk) are equally important, so the cost of waging the war does not offset the gains is developed.
Economically-rational cybercriminals will continue to spend time and talent in developing and distributing malware until anti-malware approaches become so pervasive and so effective that cybercriminals’ returns are marginalized—a point that has not yet arrived, and does not promise to arrive any time soon.
Rather than attempt to leapfrog malware developers with improved or supplemental malware detection approaches, approaches that are not reliant on detection offer an intriguing alternative.
Menlo Security offers such an alternative.3 Summarily, the company’s approach has two principal technologies. The first is the Menlo Security Isolation Platform (MSIP), where a user’s Web sessions are fully executed in temporary virtual containers that are external to the user’s device. Second, on the user’s local browser, only rendering information of the MSIP-executed Web sessions is received. Effectively, no active content—including potential malware—reaches the user’s device.
Table Of Contents
Defeating Malware: Isolate and Sanitize Rather than Detect 1 DEFEATING MALWARE: ISOLATE AND SANITIZE RATHER THAN DETECT
SPIE 2015 #26 - July 10/2015 1 Introduction 2 Malware's Pervasiveness 3 Under the Hood of Menlo Security's Malware-Defeating Approach 4 Expanding Field of Coverage 5 Market Ramifications 6 Stratecast - The Last Word 7 About Stratecast 8 About Frost and Sullivan