Security News > 2022 > December > S3 Ep114: Preventing cyberthreats – stop them before they stop you! [Audio + Text]
DUCK. OK, so application control is Sophos's name for the ability to detect, and optionally to block, software that is not malware, but that a well-informed administrator might not want to support in their environment?
DUCK. Now, my understanding is most so-called "Fileless malware" does involve files, probably quite a lot of files in its operation.
DUCK. Obviously, new files - you want to examine them; you don't want to miss malware that you could have detected.
DUCK. Because some people still have the idea that, well, if you really want to test a product, you just get a giant bucket full of malware, all in files.
FRASER. No!
DUCK. That was just a precursor, an "I wonder what brand of smoke detectors they use?" kind of test.
DUCK. So a lot of malware back in those days, if you look at how they hid themselves; how they went into memory; polymorphism; all that stuff - a lot of them were a lot more complicated to analyse than stuff today.