Goodbye Anti-malware Signatures

Anti-malware signatures departure is imminent. For several years traditional antivirus companies are a few steps behind malware authors, unable to cover the millions of malwares created yearly.

For example, check the latest posts and hashes at Malware Traffic Analysis with VirusTotal. Often, many engines may not recognize new threats, even from known malware families and days after being published. It’s not limited to small and unknown companies, the biggest names also miss these new threats.

That’s why companies like Symantec, Kaspersky and Sophos are stepping up their game. Symantec recently announced its Endpoint Protection Cloud, a machine learning cloud-based product for SMBs, Kaspersky released a free anti-ransomware for business and Sophos introduced its Intercept X product, an exploit prevention software for endpoints.

Machine learning is not new as Carbon Black, Cylance and SentinelOne (among others) use it to detect malwares on the endpoint and a few also use it to detect malicious network traffic.

Sophos’ concept isn’t new as well, Palo Alto Networks’ Traps offers a similar protection for years as an antivirus software replacement product.

This trend isn’t stopping anytime soon and other traditional antivirus companies will continue to invest in new technologies, replacing the outdated signatures-based detection.

Next-generation cyber security startups, like Deceptive Bytes, are working on new and innovative ways to stop malwares, more on that to follow soon…