How to
Brianna Gammons
Aug 2016

How to Stop Today's Cyber Attacks: 3 Benefits of Behavior-Based Protection

Photo by Source

how-barkly-works-promo.jpg

Today's cyber attacks seemingly have two major things going for them: quantity and variability. But while the former is undeniable, the latter is a bit of an illusion. 


If you've been reading up on malware and cybersecurity chances are you may have come across this intimidating stat from AV-test.org

Over 390,000 new malware programs are reported every day.

As the person in charge of protecting your organization from viruses and infections how are you supposed to make peace with a statistic like that? Every morning you have to walk into the office knowing there are 390,000 new malcious programs out there, and all it takes is one of them finding its way onto a hapless user's machine for your day to take a very bad turn

The good news is that stat can be a little misleading, and if you have behavior-based endpoint protection, it can be a lot less scary. That's because while each of those "new" malware programs may indeed have a unique file signature, the truth is most are just disguised or slightly modified versions of existing malware.

In other words...  

Don't lose hope: Those malware programs may look new to antivirus, but the majority still behave the same way. 

That means behavior-based endpoint security can still recognize and stop them. To Barkly (for example), a file signature isn't what classifies a program as malware, it's what that program tries to do. As a result, focusing on behaviors instead of signatures allows us to provide endpoint protection that's more comprehensive and more effective in three very important ways:

3 Benefits of Behavior-Based Protection


1) It stops malware that slips past antivirus

Attackers routinely evade antivirus detection by making small changes to their malware, so antivirus can’t recognize its signature. But since the malware still operates in the same basic way, behavior-based endpoint security still recognizes it.

2) It even stops new attacks that haven’t been seen before

In order for signature-based security solutions like antivirus to block a piece of malware, a security researcher has to find a sample of the malware, analyze it, and create a signature for it that can be added to a black list. Of course, in order for that to happen, someone has to get infected first. 

In contrast, with behavior-based protection, no one needs to be infected before the malware is stopped. There are thousands and thousands of malware variants, but only a small fraction of common, fundamental behaviors they all rely on to do damage. By preventing those behaviors, you can stop both existing malware and new malware, even if there isn't a signature for it yet.  

3) It stops attacks immediately, before they do damage

By watching system processes for any signs of malicious activity, and by reacting to it in real time, behavior-based endpoint protection can identify and stop malware before it has the chance to cause any harm. 

 

How Behavior-Based Protection Works

Now matter what security software you currently use or you're considering, it's important to find out whether it incorporates a behavior-based approach to protection — and if so, how.

To get a better understanding of how Barkly’s software works, for example, check out the infographic below.

(Click the image below to zoom in and expand.) 

144-HowItWorksGraphic.gif

Signature-based security solutions still have their place, but in order to extend your protection to cover new and disguissed malware, you should really look into adopting solutions and approaches that are behavior-based.

To be clear, that doesn't always have to mean buying a new security product. In fact, we'll be following up this post with another one that shares different steps you can take to develop a behavior-based mindset without buying anything or spending a dime. 

In the meantime, if you're curious, you can still...

Get Barkly Free for 60 Days with Early Access

As an early access user, you’ll be able to install Barkly free on as many Windows 7 64-bit machines as you want. Use Barkly free for 60 days with live support available 9 AM - 5 PM EST. All you need to do is sign up by clicking the "Learn more" button below. We’ll make sure you’re a technical fit, then we’ll send you an access code to create your account within 1 business day.

Brianna Gammons

Brianna Gammons

Brianna is helping us grow an active community of security beginners and experts alike. She is exploring topics like security in healthcare and how to keep companies safe from ransomware.

lock-white.png

Close the gaps in your security

Stop paying for AV, get the strongest protection instead. See how Barkly blocks attacks that are getting past AV.

See a demo

Comments

Stay informed!

Get the latest security news, tips, and trends straight to your inbox.