The conquerer of AV?
CSOonline.com has a good article about some emergent technology (the A1000) designed to create rules dynamically to detect malware.
There isn’t a lot of information on the technology yet but it seems that it does have strong roots in IDS tech, which is exactly what I’ve been hoping will happen to AV.
It sounds like it might be gateway-based. I’d prefer it to be closer to the network fabric, possibly based off netflow or something similar. But hey, its a start and from the looks of it, AV is indeed getting their peanut butter stuck in IDS’s chocolate. 
For more information about this topic
RSS feed for comments on this post.
TrackBack URI
