« How Does Intel Measure Security ROI? | Main | PayPal to Ban Unsafe Browsers »

Since my podcast a month ago with Bruce Schneier over the future of security (which you can listen for yourself right here), I've kept close watch on his prediction that security would keep getting more integrated and less obtrusive, until one day it was entirely encapsulated within the application or service you're using.

In another sign that this is in fact the direction the industry is going, last week Microsoft announced at RSA that they were looking to take a back-to-basics approach to security (is that sort of like saying 'Turn around and run from Vista as fast as possible!). According to Search Security, Microsoft is looking to prevent future infections and attacks by using features like whitelisting, futher integration of TPMs and more use of code signing.

While these approaches have already been put to use in Windows XP and Vista, Microsoft continues to search for ways to make the OS as well as core application smarter and more efficient in order to block the threats as early as possible, while making them more automated and less intrusive.

"The threats are more complex. It's a maze now. We're seeing on average about a thousand new threats every day," said Vinny Gullotto, head of Microsoft's Malware Protection Center. "I'd say back in the days of LoveLetter and Nimda, we would see about 500 a month. Signature-based technology should be a final backstop. Behavior monitoring should be the main defense."

Still, Microsoft acknowledged that targeted threats like rootkits and custom Trojans used in many spear-phishing attacks represent a unique problem that won't be solved by signature-based tools. And Gullotto predicted that we have not even seen the peak of the problem just yet.

Posted by pschooff in |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/3373