Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Default Deny VS traditional AVs
Message
<blockquote data-quote="ForgottenSeer 58943" data-source="post: 759183"><p>Correct, it requires a single pane of glass, with people trained(or experienced) to spot anomalies.</p><p></p><p>One company I know, I can't name them other than to say they make impressive vacuum cleaners and stuff - they use a full Linux environment with self-destructing bootable Linux terminals using custom linux servers with on-prem linux security engineers and automated daily security audits on every station. Need to say - we've never heard of them ever having a single compromise, a single piece of malware, or any sort of incidents. It's sort of a thing of beauty quite honestly, and I am envious of all of it.</p><p></p><p>Life is pretty easy security wise outside of Windows environments. Within them, as you said, it's a matter of the ROI.</p><p></p><p>At home I've migrated 100% of my network off Intel first and foremost, and about 90% has been migrated away from Windows. We've got some embedded systems (IoT), some Debian, maybe a BSD or two, a good number of Chromebooks, then some AndroidOS junk. 3 gaming rigs running Win10 remain in the mix and quite honestly, as long as they are isolated on a VLAN I don't really care too much about them anymore. Any old AV and some lockdowns works fine for them.</p><p></p><p>My threat surface has reduced so significantly, I am pretty confident I could/can downscale my gateway protection significantly as a result. I personally only fire up a Windows box for gaming, the other 98% of the time I am on Chromebook or Debian devices and not giving a crap about security.</p></blockquote><p></p>
[QUOTE="ForgottenSeer 58943, post: 759183"] Correct, it requires a single pane of glass, with people trained(or experienced) to spot anomalies. One company I know, I can't name them other than to say they make impressive vacuum cleaners and stuff - they use a full Linux environment with self-destructing bootable Linux terminals using custom linux servers with on-prem linux security engineers and automated daily security audits on every station. Need to say - we've never heard of them ever having a single compromise, a single piece of malware, or any sort of incidents. It's sort of a thing of beauty quite honestly, and I am envious of all of it. Life is pretty easy security wise outside of Windows environments. Within them, as you said, it's a matter of the ROI. At home I've migrated 100% of my network off Intel first and foremost, and about 90% has been migrated away from Windows. We've got some embedded systems (IoT), some Debian, maybe a BSD or two, a good number of Chromebooks, then some AndroidOS junk. 3 gaming rigs running Win10 remain in the mix and quite honestly, as long as they are isolated on a VLAN I don't really care too much about them anymore. Any old AV and some lockdowns works fine for them. My threat surface has reduced so significantly, I am pretty confident I could/can downscale my gateway protection significantly as a result. I personally only fire up a Windows box for gaming, the other 98% of the time I am on Chromebook or Debian devices and not giving a crap about security. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
