More than 90 percent of malware found in the wild today is polymorphic, meaning it changes frequently and therefore is difficult to detect. And because most malware is spread via phishing, experts at Webroot are focusing their attention on stopping phishing attacks in real time, before they have a chance to infect a system with malicious code, says David Dufour, the company’s senior director of engineering and cybersecurity.
In this audio interview at RSA Conference 2017, Dufour discusses:
- How IP packets can be used to streamline malware detection, a much faster and more reliable process than sandboxing to defeat polymorphic malware;
- Why real-time anti-phishing detection is so critical, since 84 percent of phishing sites are taken down within 24 hours of being launched; and
- How the evolution of ransomware attacks is reigniting interest in more sophisticated malware detection techniques and services.
At Webroot, Dufour is involved in designing automated threat detection and remediation solutions with top-tier software and hardware manufacturers. His nearly 30 years of experience in software engineering has led to the creation of several predictive threat algorithms and the development of new techniques for mapping threat landscapes to identify bad actors.
Source: SANS ISC SecNewsFeed @ February 22, 2017 at 03:06PM