This week’s Weekly Recap post comes courtesy of the SANS Reading Room. A particular whitepaper caught my eye, and it is worth calling out a few key points in the hope that more people will go and read the full document. An Evaluators Guide to Cloud-Based NGAV: The SANS Guide to Evaluating Next-Generation Antivirus (PDF warning) is a paper by Barbara Filkins, an MSISE Candidate at SANS Technology Institute.
Barbara calls out the issues with the traditional model for identifying vulnerabilities, developing an attack, creating an attack signature, and then getting that signature pushed out to all endpoints. She goes on to highlight some of the benefits of leveraging the cloud-based distribution model – something that is increasingly important as our workforce moves almost entirely to mobile devices.
My favorite part of the whitepaper was the step-by-step guide Barbara developed to help organizations perform product evaluations. Even better – she has included an evaluation guide with her key functionalities listed out, along with steps you can take to evaluate the effectiveness. This will surely lower the barrier to entry in proposing a PoC. You will want to tailor these questions to your environment, but you are starting off on the right foot.
Go out and take a look at the whitepaper. I think many people will benefit, even if they are not looking at replacing their traditional AV just yet.