October 27th, 2006

How many ways can you block malware?

Posted by Richard Stiennon @ 8:50 am

Categories: Spyware

Tags:

We all know and love to hate signature based blocking of malware but there are lots of other ways to tackle the problem of viruses, worms, and Trojans. Cisco Security Agent and Sana Security use a learning process and then block system calls that are outside the norm. Green Border uses a sand box approach. Websense uses a combination of white list and black list. eEye uses “methods”. Determina uses a “memory firewall”. A new one to me is Savant Protection. From my interview with Savant’s founder and CEO, Ken Steinberg, I learned of their CPU scheduling firewall. The theory is that every executable must request cycles on the CPU and that a shim between the scheduler and the kernel can enforce a policy about what gets to run and what gets blocked.

Listen to the podcast here. Ken has a great "radio presence".

Theme music for IT-Harvest ThreatCasts used with the permission of Hyperion Records

Richard Stiennon is an industry consultant. See his full profile and disclosure of his industry affiliations.

Talkback
Most Recent of 1 Talkback(s)

It's easy, don't use vulnerable software. cls@... | 10/30/06

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

VMware Infrastructure: A Guide to Bottom-Line Benefits VMware Frustrated by the costs of maintain ever larger data centers?or building ... Download Now
Virtualization: Architectural Considerations And Other Evaluation Criteria VMware Of the many approaches to x86 systems virtualization available in the ... Download Now
Five Steps to Determine When to Virtualize YourServers VMware Server virtualization isn't just for big companies. Entry-level ... Download Now

Blogs From Our Sponsors

Top Rated

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Favorite Links

Blogroll

ZDNet Blogs

White Papers, Webcasts, and Downloads

Dell Helps Medical University of South Carolina Bring the Intelligent Classroom to Life Dell Established in 1824, Medical University of South Carolina (MUSC) is one of ... Download Now
Smarter ways to make smarter products IBM Smarter Products is about creating products that integrate into our lives ... Download Now
Healthcare CommunI.T. CDW Help build a stronger Healthcare CommunI.T. with technology from CDW ... Download Now

Meet Doc

Here to help you with your Document Management Needs
Doc is an enigma. Born to a Russian ballerina and a German electrical engineer, he grew up in various locations in the United States. He’s seen the insides of more brands, versions, and generations of printer and printer-related hardware than almost anyone.
To learn more about this mysterious figure check out his blog on ZDNet and his Workspace on TechRepublic. You’ll be glad you did.
Produced by
ZDNet and

Threat Chaos

Richard Stiennon

October 27th, 2006

How many ways can you block malware?

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Recent Entries

Blogs From Our Sponsors

Top Rated

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Archives

Favorite Links

Blogroll

ZDNet Blogs

White Papers, Webcasts, and Downloads

Meet Doc

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads

Threat Chaos

Richard Stiennon

October 27th, 2006

How many ways can you block malware?

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Recent Entries

Blogs From Our Sponsors

Top Rated

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Keep up with ZDNet

Archives

Favorite Links

Blogroll

ZDNet Blogs

White Papers, Webcasts, and Downloads

Meet Doc

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads