Today, more than 1.6 million new malware signatures are identified each month. And more organizations are falling prey to "zero-day" attacks - malware for which an anti-virus signature does not exist. It’s no surprise that roughly half of the organizations surveyed in a 2010 Ponemon Institute study reported an increase in their IT operating expenses - a main driver of that cost increase was malware. Traditional anti-virus simply can't keep up in the malware arms race and relying on it as your primary defense will prove costly. In this webcast, Paul Henry, security and forensics expert, and Chris Merritt, Director of Solution Marketing with Lumension, will examine: * The true cost of anti-virus in terms of PC performance, network bandwidth, IT helpdesk costs, prevention of malware and more * Why application whitelisting is a better approach to defend against rising targeted attacks * How application whitelisting has evolved to provide a new level of intelligence that delivers more effective security and necessary flexibility to improve productivity - in even rapidly changing endpoint environments

1. The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endpoint Security

2. Today’s Speakers Chris Merritt Director of Solution Marketing Lumension Paul Henry Security & Forensics Analyst MCP+I, MCSE, CCSA, CCSE, CFSA, CFSO, CISSP,-ISSAP, CISM, CISA, CIFI, CCE SANS Institute Instructor

3. Today’s Agenda Decreasing Effectiveness of Anti-Virus Cost Impact of Ineffective Anti-Virus In-Depth View of Application Whitelisting Q&A

4. Decreasing Effectiveness of Anti-Virus

6. Malware Detection Rates Day 1 Source: Cyveillance, Malware Detection Rates for Leading AV Solutions (August 2010) AVERAGE detection rate upon initial discovery = 19%

7. Source: Cyveillance, Malware Detection Rates for Leading AV Solutions (August 2010) AVERAGE detection rate after 30 days = 62% Malware Detection Rates Day 30

10. Anyway You Look At It – It’s Ugly

12. Hard To Tell Fake AV From Real AV

13. Cost Impact of Ineffective Anti-Virus

14. Your Endpoint TCO Reality 2007: 250K Monthly Malware Signatures Identified 2011: 2M Monthly Malware Signatures Identified Malware Signatures Endpoint TCO Current Endpoint Security Effectiveness Increasing malware Costly point technologies Fractured visibility

17. A Look at Application Whitelisting

20. How Application Control Security Works Anti-Virus Blacklist Application Control Whitelist Malware Signatures 30 Million and growing @ xxx / Month DLoader.AMHZW Exploit_Gen.HOW Hacktool.KDY INF/AutoRun.HK JS/BomOrkut.A JS/Exploit.GX JS/FakeCodec.B JS/Iframe.BZ JS/Redirector.AH KillAV.MPK LNK/CplLnk.K Hash of Approved Application As defined by IT Security Word.exe Excel.exe Winnet.dll Mozilla.exe Run as a Service CPU Usage: Intensive Reactive Ineffective on: Zero Day, Polymorphic Run in the Kernel CPU Usage: Low Proactive Effective for: Zero day, Polymorphic 95% 13%

22. Don’t Just Listen To Us – Listen To Them! Antivirus, firewalls and intrusion detection are a start… But "whitelisting" offers a stronger defense. … McAfee believes "that's where the future is going.” -- George Kurtz, Worldwide CTO, McAfee “ Effective threat prevention today requires a more proactive combination of approaches that take various infection vectors into consideration.” -- Raimund Genes, CTO, Trend Micro Inc. “ [Signatures are] completely ineffective as the only layer [of endpoint security], but as one of the layers, [they're] effective.” -- Nikolay Grebennikov, CTO, Kaspersky

24. Defense-in-Depth Endpoint Security Known Malware Unknown Malware Unwanted, Unlicensed, Unsupported Applications Application Vulnerabilities Configuration Vulnerabilities AntiVirus X X Application Control X X Patch & Remediation X X Security Configuration Management X

25. Intelligent Whitelisting Value Proposition Malware Signatures Malware Related Costs More Effective Endpoint Security ROI of Intelligent Whitelisting 2011: Introducing Intelligent Whitelisting™