A look at defence in depth presented at Virus Bulletin 2008

by Kenneth Bechtel (Team Anti-Virus)

URL : http://www.virusbtn.com/conference/vb2008/abstracts/R_Bechtel.xml

Summary : "In the past I wrote a paper for the Secure Focus website on defence in depth. In that paper, the corporation was divided
into 'zones'. This paper was referenced and leveraged in the Team Anti-Virus 'ABCs of Corporate Malware Protection Handbook',
and integrated into the AVIEN corporate protection book published in August 2007. With this paper we hope to answer the
following questions: are the zones and presumptions that were identified still valid? What are new factors and variables that
need to be integrated in the defence in depth model? By reviewing and challenging existing perceptions, we will discuss
what modifications need to be made to meet current threats. This concept will not be limited to putting scanners at choke
points and desktops, but will include things like PMDF and website blocks, and other generic protective mechanisms. By
looking at the mechanisms the malware authors use, and comparing them to defensive countermeasures put in place, I hope to
be able to put in writing the current concept of best practices for a defence in depth model that can be communicated and
implemented by corporate practitioners."