SlideShare ist ein Scribd-Unternehmen logo
1 von 13
Downloaden Sie, um offline zu lesen
Measuring the Actual Security that  Vendors Provide to Customers the need for AV product testing reform An executive session with  Trend Micro CTO Raimund Genes  and industry guests
Four ways to stop malware ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
But traditional testing only counts one ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Traditional AV product testing only measures detection
As a result … “ There is a desperate need for new standards for today’s anti-virus products.  The dominant paradigm,  scanning directories of files , is focused on old and known threats, and  reveals little about product efficacy in the wild .” Williamson & Gorelik (2007)
Test Labs are responding ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
AV Testing Metrics Chaos ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
AV Testing Metrics Chaos ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Blocking in the cloud before arrival ,[object Object],[object Object],[object Object],[object Object]
A new threat every 1.5 sec. ,[object Object],[object Object],[object Object],[object Object]
How long to respond to a new threat? …  a metric that shows real differences among vendors.
Key principles for AV product testing ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Comments from Industry Guests ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
 

Más contenido relacionado

Was ist angesagt?

Innocent Vulnerabilities vs. Malicious Backdoors: How to Manage Your Risk
Innocent Vulnerabilities vs. Malicious Backdoors: How to Manage Your RiskInnocent Vulnerabilities vs. Malicious Backdoors: How to Manage Your Risk
Innocent Vulnerabilities vs. Malicious Backdoors: How to Manage Your RiskWhiteSource
 
The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour...
 The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour... The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour...
The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour...WhiteSource
 
Including security in devops
Including security in devopsIncluding security in devops
Including security in devopsJérémy Matos
 
Automating Open Source Security: A SANS Review of WhiteSource
Automating Open Source Security: A SANS Review of WhiteSourceAutomating Open Source Security: A SANS Review of WhiteSource
Automating Open Source Security: A SANS Review of WhiteSourceWhiteSource
 
Preventing Known and Unknown Threats
Preventing Known and Unknown ThreatsPreventing Known and Unknown Threats
Preventing Known and Unknown ThreatsOPSWAT
 
INAIL e la cultura cybersecurity: Sonatype Advanced Development Pack
INAIL e la cultura cybersecurity: Sonatype Advanced Development PackINAIL e la cultura cybersecurity: Sonatype Advanced Development Pack
INAIL e la cultura cybersecurity: Sonatype Advanced Development PackEmerasoft, solutions to collaborate
 
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101FINOS
 
Software testing principles
Software testing principlesSoftware testing principles
Software testing principlesDonato Di Pierro
 
The Devops Challenge: Open Source Security Throughout the DevOps Pipline- A W...
The Devops Challenge: Open Source Security Throughout the DevOps Pipline- A W...The Devops Challenge: Open Source Security Throughout the DevOps Pipline- A W...
The Devops Challenge: Open Source Security Throughout the DevOps Pipline- A W...WhiteSource
 
4 Reasons to Crowdsource Your Pen Test
4 Reasons to Crowdsource Your Pen Test4 Reasons to Crowdsource Your Pen Test
4 Reasons to Crowdsource Your Pen Testbugcrowd
 
Information Security Incidents Survey in Russia
Information Security Incidents Survey  in RussiaInformation Security Incidents Survey  in Russia
Information Security Incidents Survey in RussiaPositive Hack Days
 
Bringing Security Testing to Development: How to Enable Developers to Act as ...
Bringing Security Testing to Development: How to Enable Developers to Act as ...Bringing Security Testing to Development: How to Enable Developers to Act as ...
Bringing Security Testing to Development: How to Enable Developers to Act as ...Achim D. Brucker
 
From Zero To Hero: Continuous Container Security in 4 Simple Steps- A WhiteSo...
From Zero To Hero: Continuous Container Security in 4 Simple Steps- A WhiteSo...From Zero To Hero: Continuous Container Security in 4 Simple Steps- A WhiteSo...
From Zero To Hero: Continuous Container Security in 4 Simple Steps- A WhiteSo...WhiteSource
 
Failure Of Antivirus
Failure Of AntivirusFailure Of Antivirus
Failure Of Antivirusamarnath
 
CI/CD pipeline security from start to finish with WhiteSource & CircleCI
CI/CD pipeline security from start to finish with WhiteSource & CircleCICI/CD pipeline security from start to finish with WhiteSource & CircleCI
CI/CD pipeline security from start to finish with WhiteSource & CircleCIWhiteSource
 
Continuous security testing - sharing responsibility
Continuous security testing - sharing responsibilityContinuous security testing - sharing responsibility
Continuous security testing - sharing responsibilityVodqaBLR
 

Was ist angesagt? (20)

Innocent Vulnerabilities vs. Malicious Backdoors: How to Manage Your Risk
Innocent Vulnerabilities vs. Malicious Backdoors: How to Manage Your RiskInnocent Vulnerabilities vs. Malicious Backdoors: How to Manage Your Risk
Innocent Vulnerabilities vs. Malicious Backdoors: How to Manage Your Risk
 
The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour...
 The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour... The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour...
The Top 3 Strategies To Reduce Your Open Source Security Risks - A WhiteSour...
 
Including security in devops
Including security in devopsIncluding security in devops
Including security in devops
 
Automating Open Source Security: A SANS Review of WhiteSource
Automating Open Source Security: A SANS Review of WhiteSourceAutomating Open Source Security: A SANS Review of WhiteSource
Automating Open Source Security: A SANS Review of WhiteSource
 
Preventing Known and Unknown Threats
Preventing Known and Unknown ThreatsPreventing Known and Unknown Threats
Preventing Known and Unknown Threats
 
INAIL e la cultura cybersecurity: Sonatype Advanced Development Pack
INAIL e la cultura cybersecurity: Sonatype Advanced Development PackINAIL e la cultura cybersecurity: Sonatype Advanced Development Pack
INAIL e la cultura cybersecurity: Sonatype Advanced Development Pack
 
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
OSSF 2018 - David habusha of Whitesource - Open Source Vulnerabilities 101
 
Software testing principles
Software testing principlesSoftware testing principles
Software testing principles
 
The Devops Challenge: Open Source Security Throughout the DevOps Pipline- A W...
The Devops Challenge: Open Source Security Throughout the DevOps Pipline- A W...The Devops Challenge: Open Source Security Throughout the DevOps Pipline- A W...
The Devops Challenge: Open Source Security Throughout the DevOps Pipline- A W...
 
4 Reasons to Crowdsource Your Pen Test
4 Reasons to Crowdsource Your Pen Test4 Reasons to Crowdsource Your Pen Test
4 Reasons to Crowdsource Your Pen Test
 
Information Security Incidents Survey in Russia
Information Security Incidents Survey  in RussiaInformation Security Incidents Survey  in Russia
Information Security Incidents Survey in Russia
 
Bringing Security Testing to Development: How to Enable Developers to Act as ...
Bringing Security Testing to Development: How to Enable Developers to Act as ...Bringing Security Testing to Development: How to Enable Developers to Act as ...
Bringing Security Testing to Development: How to Enable Developers to Act as ...
 
From Zero To Hero: Continuous Container Security in 4 Simple Steps- A WhiteSo...
From Zero To Hero: Continuous Container Security in 4 Simple Steps- A WhiteSo...From Zero To Hero: Continuous Container Security in 4 Simple Steps- A WhiteSo...
From Zero To Hero: Continuous Container Security in 4 Simple Steps- A WhiteSo...
 
Software testing methods
Software testing methodsSoftware testing methods
Software testing methods
 
Laura Bell (SafeStack)
Laura Bell (SafeStack)Laura Bell (SafeStack)
Laura Bell (SafeStack)
 
Failure Of Antivirus
Failure Of AntivirusFailure Of Antivirus
Failure Of Antivirus
 
CI/CD pipeline security from start to finish with WhiteSource & CircleCI
CI/CD pipeline security from start to finish with WhiteSource & CircleCICI/CD pipeline security from start to finish with WhiteSource & CircleCI
CI/CD pipeline security from start to finish with WhiteSource & CircleCI
 
Testing Principles
Testing PrinciplesTesting Principles
Testing Principles
 
Continuous security testing - sharing responsibility
Continuous security testing - sharing responsibilityContinuous security testing - sharing responsibility
Continuous security testing - sharing responsibility
 
DevOps
DevOpsDevOps
DevOps
 

Andere mochten auch

Volume of Threat: The AV update deployment bottleneck
Volume of Threat:  The AV update deployment bottleneckVolume of Threat:  The AV update deployment bottleneck
Volume of Threat: The AV update deployment bottleneckAnthony Arrott
 
Arrott Htcia St Johns 101020
Arrott Htcia St Johns 101020Arrott Htcia St Johns 101020
Arrott Htcia St Johns 101020Anthony Arrott
 
Corso Organizzazione aziendale lezione 10 - strutture di base
Corso Organizzazione aziendale  lezione 10 - strutture di baseCorso Organizzazione aziendale  lezione 10 - strutture di base
Corso Organizzazione aziendale lezione 10 - strutture di baseAntongiulio Bua
 
Corso oa lezione 11 - modificate
Corso oa   lezione 11 - modificateCorso oa   lezione 11 - modificate
Corso oa lezione 11 - modificateAntongiulio Bua
 
Corso oa lezione 4 - motivazione
Corso oa   lezione 4 - motivazioneCorso oa   lezione 4 - motivazione
Corso oa lezione 4 - motivazioneAntongiulio Bua
 
Corso oa lezione 6 - var. sociali
Corso oa   lezione 6 - var. socialiCorso oa   lezione 6 - var. sociali
Corso oa lezione 6 - var. socialiAntongiulio Bua
 

Andere mochten auch (9)

Volume of Threat: The AV update deployment bottleneck
Volume of Threat:  The AV update deployment bottleneckVolume of Threat:  The AV update deployment bottleneck
Volume of Threat: The AV update deployment bottleneck
 
Arrott Htcia St Johns 101020
Arrott Htcia St Johns 101020Arrott Htcia St Johns 101020
Arrott Htcia St Johns 101020
 
Corso Organizzazione aziendale lezione 10 - strutture di base
Corso Organizzazione aziendale  lezione 10 - strutture di baseCorso Organizzazione aziendale  lezione 10 - strutture di base
Corso Organizzazione aziendale lezione 10 - strutture di base
 
Stormy Weather
Stormy Weather Stormy Weather
Stormy Weather
 
Stormy Weather
Stormy WeatherStormy Weather
Stormy Weather
 
Corso oa lezione 11 - modificate
Corso oa   lezione 11 - modificateCorso oa   lezione 11 - modificate
Corso oa lezione 11 - modificate
 
Vivifacile
VivifacileVivifacile
Vivifacile
 
Corso oa lezione 4 - motivazione
Corso oa   lezione 4 - motivazioneCorso oa   lezione 4 - motivazione
Corso oa lezione 4 - motivazione
 
Corso oa lezione 6 - var. sociali
Corso oa   lezione 6 - var. socialiCorso oa   lezione 6 - var. sociali
Corso oa lezione 6 - var. sociali
 

Ähnlich wie Measuring the Actual Security that Vendors Provide to Customers

Securing data flow to and from organizations
Securing data flow to and from organizationsSecuring data flow to and from organizations
Securing data flow to and from organizationsOPSWAT
 
Is av dead or just missing in action - avar2016
Is av dead or just missing in action - avar2016Is av dead or just missing in action - avar2016
Is av dead or just missing in action - avar2016rajeshnikam
 
Colby_Sawyer_white_paper final 2
Colby_Sawyer_white_paper final 2Colby_Sawyer_white_paper final 2
Colby_Sawyer_white_paper final 2Scott Brown
 
What Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software SecurityWhat Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software SecurityAnne Oikarinen
 
Penetration testing dont just leave it to chance
Penetration testing dont just leave it to chancePenetration testing dont just leave it to chance
Penetration testing dont just leave it to chanceDr. Anish Cheriyan (PhD)
 
The AV-Comparatives Guide to the Best Cybersecurity Solutions of 2017
The AV-Comparatives Guide to the Best Cybersecurity Solutions of 2017The AV-Comparatives Guide to the Best Cybersecurity Solutions of 2017
The AV-Comparatives Guide to the Best Cybersecurity Solutions of 2017Jermund Ottermo
 
Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...
Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...
Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...Source Conference
 
Antivirus Comparative junio 2014
Antivirus Comparative junio 2014Antivirus Comparative junio 2014
Antivirus Comparative junio 2014Doryan Mathos
 
Using Multiple Antivirus Engine Scanning to Protect Critical Infrastructure
Using Multiple Antivirus Engine Scanning to Protect Critical InfrastructureUsing Multiple Antivirus Engine Scanning to Protect Critical Infrastructure
Using Multiple Antivirus Engine Scanning to Protect Critical InfrastructureOPSWAT
 
Secure SDLC in mobile software development.
Secure SDLC in mobile software development.Secure SDLC in mobile software development.
Secure SDLC in mobile software development.Mykhailo Antonishyn
 
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...Lumension
 
Why Penetration Tests Are Important Cyber51
Why Penetration Tests Are Important Cyber51Why Penetration Tests Are Important Cyber51
Why Penetration Tests Are Important Cyber51martinvoelk
 

Ähnlich wie Measuring the Actual Security that Vendors Provide to Customers (20)

Active Testing
Active TestingActive Testing
Active Testing
 
Securing data flow to and from organizations
Securing data flow to and from organizationsSecuring data flow to and from organizations
Securing data flow to and from organizations
 
Avc fdt 201209_en
Avc fdt 201209_enAvc fdt 201209_en
Avc fdt 201209_en
 
Is Antivirus (AV) Dead or Just Missing in Action
Is Antivirus (AV) Dead or Just Missing in Action Is Antivirus (AV) Dead or Just Missing in Action
Is Antivirus (AV) Dead or Just Missing in Action
 
Is av dead or just missing in action - avar2016
Is av dead or just missing in action - avar2016Is av dead or just missing in action - avar2016
Is av dead or just missing in action - avar2016
 
Colby_Sawyer_white_paper final 2
Colby_Sawyer_white_paper final 2Colby_Sawyer_white_paper final 2
Colby_Sawyer_white_paper final 2
 
Sandboxing
SandboxingSandboxing
Sandboxing
 
Sandboxing
SandboxingSandboxing
Sandboxing
 
What Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software SecurityWhat Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software Security
 
Penetration testing dont just leave it to chance
Penetration testing dont just leave it to chancePenetration testing dont just leave it to chance
Penetration testing dont just leave it to chance
 
The AV-Comparatives Guide to the Best Cybersecurity Solutions of 2017
The AV-Comparatives Guide to the Best Cybersecurity Solutions of 2017The AV-Comparatives Guide to the Best Cybersecurity Solutions of 2017
The AV-Comparatives Guide to the Best Cybersecurity Solutions of 2017
 
Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...
Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...
Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...
 
Antivirus Comparative junio 2014
Antivirus Comparative junio 2014Antivirus Comparative junio 2014
Antivirus Comparative junio 2014
 
Using Multiple Antivirus Engine Scanning to Protect Critical Infrastructure
Using Multiple Antivirus Engine Scanning to Protect Critical InfrastructureUsing Multiple Antivirus Engine Scanning to Protect Critical Infrastructure
Using Multiple Antivirus Engine Scanning to Protect Critical Infrastructure
 
Secure SDLC in mobile software development.
Secure SDLC in mobile software development.Secure SDLC in mobile software development.
Secure SDLC in mobile software development.
 
Avc fd mar2012_intl_en
Avc fd mar2012_intl_enAvc fd mar2012_intl_en
Avc fd mar2012_intl_en
 
Avc fd mar2012_intl_en
Avc fd mar2012_intl_enAvc fd mar2012_intl_en
Avc fd mar2012_intl_en
 
Avc fdt 201303_en
Avc fdt 201303_enAvc fdt 201303_en
Avc fdt 201303_en
 
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...
The True Cost of Anti-Virus: How to Ensure More Effective and Efficient Endp...
 
Why Penetration Tests Are Important Cyber51
Why Penetration Tests Are Important Cyber51Why Penetration Tests Are Important Cyber51
Why Penetration Tests Are Important Cyber51
 

Measuring the Actual Security that Vendors Provide to Customers

  • 1. Measuring the Actual Security that Vendors Provide to Customers the need for AV product testing reform An executive session with Trend Micro CTO Raimund Genes and industry guests
  • 2.
  • 3.
  • 4. As a result … “ There is a desperate need for new standards for today’s anti-virus products. The dominant paradigm, scanning directories of files , is focused on old and known threats, and reveals little about product efficacy in the wild .” Williamson & Gorelik (2007)
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10. How long to respond to a new threat? … a metric that shows real differences among vendors.
  • 11.
  • 12.
  • 13.