<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1626328370711236&amp;ev=PageView&amp;noscript=1">
banner-blog.jpg

blog

Detection Doesn't Stop Attacks, So I'm Joining Menlo Security

detection-dead

Today I joined Menlo Security and the reason is simple: After spending more than a decade in the security industry it’s become clear that detection-based security technologies are losing the war against cyber attacks. By joining Menlo Security I’ll be able to help organisations to end attacks delivered via Web and email and push the major fronts of the cyber war back outside of their enterprises.

I’ve worked with many different security technologies, but in the end they all depend on the ability to detect an attack in order to stop it. Detection-based security is like a blood test: It can tell you what you’ve caught, but it doesn’t prevent an infection. Cyber attacks are evolving too quickly for any detection method to be effective for prevention: As soon as we create and deploy a new detection system the attacks evolve to avoid it.

Menlo Security has created an Isolation Platform that web content & email links are rendered through, ensuring all content - Javascript, Java, Flash & other plugins are executed inside the Isolation platform and NOT on the end-user browser. The end-user experience remains the same but the risk of browser compromise, for example a Flash exploit, is now fully removed. There’s more detail about how it works here. The Isolation Platform also defeats phishing by preventing users from entering data into phishing sites – this is a major advance against social engineering attacks, which are among the most dangerous and hardest to prevent.

Email and web remain the top 2 vectors of attack for businesses today. Menlo Security is taking these risks off the table, allowing security teams to catch their breath and focus more attention on other issues such as insider threats rather than chasing down endless security alerts, reclassifying blocked Websites and cleaning infected devices.

The Menlo Security Platform is very easy to try – and this addresses another key issue I’ve dealt with when introducing new security technologies. There’s no appliance or endpoint software – it works with your existing device, OS and browser – and an evaluation of the SaaS offering can be set up in minutes.

I’m excited to be part of a transition that moves from trying to detect bad stuff, which we know can never be completely effective, to the Isolation of everything to eliminate threats once and for all.

So goodbye detection, hello Menlo Security!

Tags: malware, phishing, flash, java, Detection

Connect with us

Lists by Topic

see all

Recent Posts