Dissecting malware is interesting but Deep Secure is getting my attention handling this a different way. Transform all files as if all infected. No need to match known bad, zero day, etc.
They transform all to a safe file to deliver to the end user. Once cleaned the user then has a (safe) file even if they are risky and open.
Is this the new approach? Obviously this won't help software issues but would keep a lot of risky users stay out of trouble.
Cheers
It's an interesting approach, to say the least! I've seen it being done at another company called Votiro. I'd say it's probably an effective defense against infection, but right now, I think most organizations are using traditional EDR/AV/Antimalware solutions, so threats still have that going for them. I'm willing to bet that as soon as Deep Secure, or Votiro becomes a problem for threat actors they will start figuring out how to bypass them. Some may have already started. It's a fun 'cat & mouse' game.
Good on you for staying up with current and innovative defenses though!
Cheers,
Daniel
ITProTV
Show Host
I missed the Dissecting Malware webinar last week. Is there a way I can watch it now?