Smarter ways to fight smarter threats
Conrad HerrmannZone Labs
Corporate stream: Friday 26 Sept 2003, 09.40-10.20.
Smarter ways to fight smarter threats
Code Red, Nimda, Bugbear, SQL Slammer... These threats wreaked havoc on the Internet
over the past two years. With each new attack, anti-virus companies race to issue updates
while software vendors desperately patch vulnerabilities. Yet often, countless systems
are infected by the time a patch is available.
The economic implications of these threats are profound: a March 2003 ICSA Labs study
found that 11.3 per cent of computers were hit by viruses every month in 2002, with the
average cost of mending each system rising over 117 percent from the previous year.
Given the enormous security and financial stakes and the unavoidable lag time between
patch updates, enterprises must halt the propagation of these types of threats before
they consume the network.
The answers lie in endpoint security policies that can suppress virus replication by preventing
inbound infection as well as prevent an infected host from spreading the virus outbound. This is
a vital component of enterprise security. Conrad Herrmann, CTO of Zone Labs, will explain the
challenges presented by these new types of threats and how inbound and outbound blocking and
enterprise-wide policy enforcement, quell the risks of these next-generation attacks.
With a new set of samples to measure detection against, a new platform on new hardware and a selection of new products in the mix, John Hawes had his work cut out in this comparative review on Windows XP SP3.