Malware Analysis Process Matters
Gartner has been the most vocal about the need for a process shift, advocating what it calls an “adaptive malware security architecture.” The idea is to balance efforts among attempting to predict when a breach will occur, preventing the ones you can, detecting what a successful attacker has done on the endpoint, and ultimately responding to the attack in some way. You need to be doing all of these, all the time, with a variety of technologies, so you can respond appropriately.
“How you protect yourself from a shotgun blast is very different than how you protect yourself from a sniper’s bullet,” says Neil MacDonald, VP distinguished analyst at Gartner.
Let’s look at a real-world example of why you need to change now, before you get stuck in the quicksand of a disastrous endpoint breach that your prevention tools missed.