Stop Buying Bad Security Prescriptions

[Deleted member 178]

Stop Buying Bad Security Prescriptions
You’re paying too much and it’s just not working
I’ve been working in information security for about two decades — spanning attack and defense, across the public and private sectors — and the most consistent truth I’ve found is that people overwhelmingly misunderstand how information security works. Even worse, the common misconceptions are such an endemic problem that they’ve fueled a $75 billion industry, comprised largely of snake oil solutions that range from ineffective to outright harmful. That’s left us in a place where the vast majority of the tech sector is throwing their money away on security that just doesn’t work, while ignoring the basic practices and processes that actually do produce secure systems … but it doesn’t have to be this way.

Stop Buying Bad Security Prescriptions

i cant agree more.

 

[Axelrod Sven]

That article is a bit harsh and unfair because the majority of people who read Articles like that, know fairly enough about Security Suites and practices... and those who don't know or are unaware of proper practices would move on from something stupid to the next stupid thing or product.

We can say many people know about Antivirus, but how many know about HiPS and Appguard and other relatively simple terms we understand, but is too complicated for the layperson...who just doesn't feel the need to know.

 

[Kate_L]

Thanks for sharing @Umbra. This is one of the best articles I've seen in long time

 

[Deleted member 178]

That article is a bit harsh and unfair because the majority of people who read Articles like that, know fairly enough about Security Suites and practices...

Unfair maybe, but it is the plain truth; big vendors keep building fear on the users, some even spread their own malware. i remember when MS announced the build-in Windows Defender for Win8 ; all big vendors complained of the risk of breaking the AV business...yes sure less incomes for them...

I am among the first in this forum to say AVs are obsolete, they are things of the past, what save the AV vendors is the several preventive layers of their products (BB, HIPS, Web filter, sandbox, etc...); use just a real-time scanner and your system will be pulverized by the first zero-day malware getting in.

and those who don't know or are unaware of proper practices would move on from something stupid to the next stupid thing or product.
We can say many people know about Antivirus, but how many know about HiPS and Appguard and other relatively simple terms we understand, but is too complicated for the layperson...who just doesn't feel the need to know.

It is why MS introduce more and more built-in security , smooth, efficient and easy to use. People bash MS, but i saw far less infections since Win8 exist ; most infected system i came across are WinXP/Win7 systems.

 

[Vasudev]

I am looking for built in Anti-executable(built by MS) combined with EMET for providing strong security out of the box when virus defs are out of date.

 

[jamescv7]

Actually in this reality, everything or majority treated quantity or quality.

So with the logic of having expensive means good quality however everything is reversible. Yes the article may be exaggerated but as readers, we need to understand the flow on how I.T security industry works.

 

[_CyberGhosT_]

Awesome share Umbra.
Direct and to the point, no sugar coating there

 

[DJ Panda]

I wish I had Umbras standpoint more Exe Racers are great but I attempted to use NVT Exe and was totally puzled on a if it was working. If your a novice and have no idea what to do the smallest step is keeping software up to date with SOME sort of security software.