* Posts by mike_mcsp

2 publicly visible posts • joined 9 Sep 2015

Malware menaces poison ads as Google, Yahoo! look away

mike_mcsp
WTF?

Re: There is a better way! Palo Alto Networks' platform solves this problem two ways

First, not anonymous: My name is Mike and this is not an ad. It is, however, the truth, because there is a better way and the threat is REAL.

1. The Palo Alto Networks NG firewall does SSL Decryption

2. While malware files and attacks are growing exponentially, the new exploitation techniques are not. Name one NEW exploitation technique - memory corruption or software logic flow that has occurred in the past 6 months.

mike_mcsp

There is a better way! Palo Alto Networks' platform solves this problem two ways

1) Use a File Blocking Profile on the Next-Gen Firewall rules that govern user web browsing behavior. The file blocking profile detects PE files (which is what most drive-by downloads try to deposit without any visibility to the user). THEN the action on the detection of the file is “continue”. A real user CAN hit the continue page… A background process cannot. This is a very effective way to stop drive-bys.

2) Traps endpoint protection - runs on the Windows endpoint and when it sees a process employing one or more of the known exploitation techniques malware must use, it kills the process. Therefore it works on known and unknown (zero day) malware. No updates or signatures or browser plugins required!
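
A sketch of the content-based PE check and "continue" decision described in the post above, as an added example that is not part of the original post and not Palo Alto Networks' implementation. The function names, the action strings and the sample bytes are assumptions constructed for illustration.

```python
import struct

def is_pe(body: bytes) -> bool:
    """Detect a PE file by content: DOS 'MZ' header whose e_lfanew
    field (offset 0x3C) points at the 'PE\\0\\0' signature."""
    if len(body) < 0x40 or body[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", body, 0x3C)
    # An out-of-range offset yields a short slice, so this is safe on junk.
    return body[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def file_blocking_action(body: bytes, user_confirmed: bool) -> str:
    """Hypothetical policy: non-PE content passes; a PE download is held
    until an interactive user confirms on the continue page."""
    if not is_pe(body):
        return "allow"
    return "allow" if user_confirmed else "hold-for-continue"

def make_sample_pe() -> bytes:
    """Constructed minimal header: DOS stub, padding, PE signature."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)       # e_lfanew -> 0x80
    coff = struct.pack("<HH", 0x8664, 1)          # Machine, NumberOfSections
    return bytes(dos) + b"\x00" * 0x40 + b"PE\x00\x00" + coff

if __name__ == "__main__":
    # Constructed responses: (declared Content-Type, body, user clicked continue)
    responses = [
        ("image/jpeg", make_sample_pe(), False),   # PE disguised as an image
        ("application/octet-stream", make_sample_pe(), True),
        ("text/plain", b"MZ" + b"A" * 0x50, False),  # starts with MZ, not a PE
        ("image/jpeg", b"\xff\xd8\xff\xe0" + b"\x00" * 100, False),
    ]
    for ctype, body, confirmed in responses:
        print(f"{ctype:26} confirmed={confirmed!s:5} -> "
              f"{file_blocking_action(body, confirmed)}")
```

The declared Content-Type is ignored on purpose: the decision depends only on the bytes, so a PE served with an image type is still held until a user confirms.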