BriForum 2014 Boston - Matt Conover - Dealing with the Realities of Malware in Virtual Environments


Presented by Matt Conover

The number of malware variants and the sophistication of advanced persistent threats are now such that it's hard for anti-virus solutions to keep up. Giving users administrative access all but ensures the machine will get infected sooner or later. Even without admin rights, malware can hide in the user profile. New solutions like Bromium are great for protecting physical desktops, but how can we protect desktops in a DaaS or VDI environment?

Key takeaways include:

• Security solutions just can't keep up with the number of new malware variants created each year. So with admin rights, it's just a matter of time before a user gets infected.
• Even without admin rights, many malware variants have built-in privilege escalation attacks that try to exploit known vulnerabilities.
• In virtual environments, the problem is even worse: many security features are disabled to avoid using too much CPU or I/O, and security updates are performed less frequently as well.
• So, what are the options to deal with it? The session discusses options ranging from the most secure but with a bad user experience all the way to accepting the inevitable and focusing on remediation instead.



