Over the next few weeks I’ll be giving this talk in a number of locations. For those who attended and requested a PDF version of the slides, here is the link I promised: protecting-against-targeted-attacks-R2
Related posts:
PDF of “Protecting Against Targeted Attacks” talk
October 14th, 2009 by Chris Leave a reply »
Advertisement
Chris, I really enjoyed the talk. I started to ponder how the concept of virtual machines in “clouds” can exponentionally increase the threat if a provider/organization ISN’T using application control/whitelisting. Interesting stuff…. these two technologies may be hand and glove in the future. Thanks again.
Thank you Chris; the talk was awesome. I especially liked the tidbit about how we now have more malware apps than we do clean apps, thus the white-listing approach NOW makes sense while it did not 10 years ago.
Angelique,
The yard stick I use:
1) Does the solution increase ease of management?
2) Does the solution reduce overall costs?
If you can answer “yes” to either of these questions it probably increases risk as well. Now you need to decide if you can live with the additional risk or need to mitigate it. Accepting additional risk is OK, we do it all the time. The trick is to recognize you are accepting it.
Amar,
I agree. It is one of those statistics that blind sides you a bit when you first realize it. We are on track to see 7 million plus variations of Malware over the next year. All of a sudden stats like Apple adding 70,000 apps to their app store over the last year do not look quite so impressive.
Both,
Thanks for a great event. I had a blast as well!