Premium Content

Access "Schneier-Ranum Face-Off: Is antivirus dead?"

Published: 20 Oct 2012

Point: Marcus Ranum What amazes me is that it's 2009 and the security world's response to viruses and malware is still oriented toward "detect the bad" rather than "permit the good." And, consequently, we still have viruses and malware. To me, it just seems so gosh-darned obvious that our problem is that we have lost control over our runtime environment, and regaining that control is "simply" a matter of deciding what programs we want to allow to run. Of course, most organizations don't know (or haven't got the courage to discover) what programs they allow--and, ultimately, isn't that the root of their security problems? When I read the security news and hear that thus-and-such government agency is trying to decide if Facebook is a necessary application, it makes my head spin. In Marcus-land, where I come from, you decide what is a necessary application first, not after you have 40,000 employees who have gotten so used to it that they now think Twitter is a constitutionally protected right. Isn't a virus or malware just unauthorized execution that someone ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free

  • Strategies for a successful data protection program
    data_protection_2014.png
    E-Handbook

    Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...

  • Devices, data and how enterprise mobile management reconciles the two
    ISM_supp_1014.png
    E-Zine

    The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...

  • Putting security on auto-pilot: What works, what doesn't
    security_auto-pilot.png
    E-Handbook

    For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...