Prevention vs. Detect and Respond
It’s clear that it is not viable to rely on solutions that only seek to detect malware AFTER it has executed. Dell has overcome these challenges by offering the first and only machine learning-based pre-execution detection environment. The main challenge in the pre-execution environment is to analyze the program and determine if a file is good or bad based purely on the information in the file itself, and then do that at a sustainable, massive scale. The ability to do this across a huge number of samples is important because modern malware creation is automated. Today it is trivial for attackers to mutate a piece of malware. Manual generic signatures (emulation- or heuristic-based) were good for protection when malware creation was manual, but not anymore.