SANS Critical Control 5: Malware Defenses
- Jun 23, 2013
- Michelangelo Sidagni
In this latest installment of the blog series, I am going to analyze how to implement SANS Critical Control #5: Malware Defenses using Unified VRM.
Enterprises and organizations in any industry and in government have lately been particularly victimized by targeted hacking attacks and increasingly sophisticated malware. Botnets, trojans and exploit kits make the rounds on a weekly basis and are continuously updated with the latest 0-day exploits. Anti-virus companies are playing “catch-up”, trying to update their products with the latest malware signatures. However, this is a “cat and mouse” game.
Unified VRM is not an anti-malware or malware detection solution per se. However, when appropriately configured through a specially crafted scan template, it can interact with tools that help in malware detection.
As mentioned in a previous blog post, Unified VRM can interact with the remote agent SLAD installed on the target system. SLAD can execute and interact with a series of malware detection and prevention tools, including: