"Default-deny" application allow listing and application isolation are raising the bar for unknown malware on endpoints
The world's leading information technology research and advisory company, Gartner references Avecto and its Defendpoint software in its recent endpoint security research.
The research piece; “Protecting Endpoints from Malware Using Application Allow listing, Isolation and Privilege Management” by Mario de Boer, published July 2016, highlights the following key findings:
- Two application control technologies are raising the bar for unknown malware on endpoints
- Application isolation controls the access of an application. This technique is typically used to limit the impact of unknown applications until they are proven benign
- Removing administrative rights from all users dramatically reduces the risk of malware
- To implement application control across all endpoints, organizations must strike a balance between security (strict policies), user impact and operational overhead.
In his March 2016 report “Comparing endpoint technologies for malware protection”, de Boer states: “The endpoint is the centre of the malware universe. The endpoint is the only constant for malware. The endpoint is where all attack vectors rejoin to execute. However, with the complexity of modern malware, no organization should rely on a single layer of malware defense. For example, some new technologies may require fewer updates, incur less overhead, and provide better protection for specific stages of the malware infection or for specific classes of malware. None of the technologies is a "silver bullet" in isolation, and all successful solutions require a combination of technologies to meet a modern organization's effectiveness and usability requirements."
Paul Kenyon, co-founder and co-CEO at Avecto added: “We know that an over-reliance on detection technologies just doesn’t work anymore and next generation antivirus only helps to reduce the noise.
“As this latest research from Gartner highlights, a multi-layered and proactive approach is the most effective way to stop cyber attacks. As the only vendor to offer application allow listing, isolation and privilege management in one lightweight agent, we know how beneficial this unique combination of proactive technologies can be when it comes to stopping malware.”
Avecto will be exhibiting its Defendpoint software at this year’s Gartner’s Security & Risk Management Summit in London on September 12 -13. The Gartner report is accessible to Gartner clients at gartner.com
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.