Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Endpoint Security Blog
Showing posts tagged with Endpoint Protection (AntiVirus)
Showing posts in English
Blake M | 17 Nov 2010 | 0 comments

With all of the options in the marketplace today, small businesses must secure customer trust and loyalty to remain competitive. Regardless of the industry, their customers are looking for the best quality, value and service and they will quickly move on if their needs are not met. They also want to know that their personal information, like their credit card numbers and bank account information, is protected when they deal with a small business.

Today, so much of our valuable information resides on computers. It’s how we work. So it is expected that small businesses would be concerned about keeping their customers’ personal and financial information safe. In fact, according to the recent Symantec 2010 SMB Information Protection survey, almost three-quarters of SMBs are somewhat/extremely concerned about the loss of crucial business information. This does not come as a surprise when you consider that 42 percent have actually lost confidential or proprietary...

dschrader | 01 Nov 2010 | 0 comments

Garrett Bechler, a Security Solutions Architect at Symantec has put together a valuable list of tips to reduce the impact of SEP in VDI infrastructures.  With his permission, I thought I would post them here.  These are approaches that have been used in some larger (15-20K node) VDI instances to help ensure that SEP has minimal impact.

1)      Upgrade VDI devices (And SEPM) to latest build of SEP in order to take advantage of the new Resource Leveling settings introduced in SEP 11 06, including Scan Randomization and Content Randomization.

2)      Use the content randomizer in the client communication settings to randomize definition and signature delivery. Based on client density we have found the following to be a pretty decent guideline based on a 1 hour client pull based heartbeat:

a.      25-30 VDI instances per host – 2 hour randomization

b.  ...

Art G | 26 Oct 2010 | 1 comment

Marketers love to boast about the performance of their products.  However, it is not always clear what is meant by “performance”.  Are we talking scan speed?  Memory use?  CPU utilization?  Impact on boot up times?  Impact on opening files? . . . .  
It turns out there is no one definition of performance.  The impact on the user’s experience due to any piece of software will vary based on the user’s systems, what they are running or doing, time of day, phases of the moon – you get the idea, lots of variables.
Symantec has been grappling with how to measure performance for quite a while.  Historically, our development team pegged a few key metrics (scan speed, memory, …) and thought they had a handle on the performance issue.  Some of our users seemed to have a different experience.  So we went out and found experts on performance testing –...

Justin.Somaini | 05 Oct 2010 | 1 comment

We recently surveyed 1,580 private businesses worldwide that are involved in industries termed critical infrastructure providers, i.e., their industries are of such importance that if their cyber networks were successfully attacked and disabled, it would result in an actual threat to national security.

Our survey measured the awareness among private companies of efforts by governments to institute critical infrastructure programs, whether or not companies would be willing to cooperate with governments in those efforts, and the state of readiness of companies to ward off nation-wide attacks targeted at specific industries. A recent example of this type of attack is the Stuxnet worm and how it targeted energy companies around the world.

The survey revealed that critical infrastructure providers’ networks are being attacked. Fifty-three percent of respondents...

Hear4U | 21 Sep 2010 | 0 comments

“It can’t happen to me”

Hunters and gatherers. Most people think of cybercrime against business to be the work of hunters such as cybercriminals who target then infiltrate a company to steal from it. Reading the newspaper, it’s easy to convince yourself that these hunters are after big game and a small business does not have to worry about these targeted attacks. Maybe; however, we’ll talk more about that later. The majority of cybercriminals can best be described as gatherers. They throw wide nets and take advantage of whatever victims land in those nets. Small businesses really must watch out for the gatherers.

Because the barrier of entry is low, there are many gatherers. A gatherer doesn’t have to be a criminal genius. They don’t even need advanced computer skills. They really don’t need to know much at all—except where to buy a toolkit. Toolkits allow criminals with limited skills...

riva11 | 03 Sep 2010 | 2 comments

Forgot the local admin password ? If you don't have any other chance try to recover it. There are some ways to recover a password, I found a safe and quick tool to perform this hack job... the NTPWEdit tool loaded in a bootable USB key.

NTPWEdit is a free tool ( GPL ) that allows to change or remove passwords for local system accounts. This tools supports Windows NT based systems (like Windows 2000, XP and Vista), but could be used also to reset the password of a Windows 7 systems.

Some methods for use this program:

1. Boot Windows PE or BartPE environment from CD-ROM and launch NTPWEdit.
2. If system partition formatted in FAT filesystem - boot DOS from floppy disk, copy SAM file to floppy, edit this file on another computer and copy it back.
3. If system partition formatted in NTFS file system...

Paul Murgatroyd | 12 Aug 2010 | 23 comments

Hi All,
I just wanted to take some time out and talk about RU6 MP1.  As you may have seen, there are some people on Connect anxiously awaiting its release for a number of reasons.
While I cannot give you a definite date at this point, I can tell you it should be available soon.  We hoped to have it out by now, but there is one last issue which we have to fix before we can release.  RU6 MP1 is a maintenance patch for RU6 and RU6a and because of this, its very much focused on customer defects (somewhere around 80 by the time we ship), although we are adding one new feature for you.
Some of the issues which are currently fixed (and should be released) are:
1925607: DWHxxxx.tmp files are being scanned and re-detected when new definitions arrive and during scheduled scan
Most of you are fairly aware of this one.  We think we have it nailed for the most part,...

khaley | 15 Jun 2010 | 4 comments

There are a lot of big numbers being thrown out in the security world these days.  Seems like every week a new stunner comes out.  Last week we  announced the discovery of 44 million stolen credentials from gamers. 
So given all those headlines you may have missed a very telling one.  The FTC reported that a scareware (what we call a misleading application or rogue security) vendor between 2004 to 2008 made $163,167,539.95.
We've done a lot of estimation on the size of the underground economy.  But we’ve never been able to examine the books for...

khaley | 07 May 2010 | 2 comments

One of the smartest security guys I ever knew once said “It’s about the endpoint stupid.”  Now that part about stupid was rhetorical, not directed at me.  I think.  But what he meant was that the most important things to protect were the endpoints.  Not that other parts shouldn’t be protected, but that the endpoints were the critical pieces.  And recent facts have backed him up.
Look at the latest ISTR numbers.  In 2009 four out of the top five targeted vulnerabilities were client-side vulnerabilities.  The largest cause of breaches in 2009 were  lost or stolen endpoints (laptops in this case).  And even when information was stolen via hacking, the hacker was targeting the endpoints.  It’s much easier to get inside an organization by planting malware on a client system, then to attack a well guarded server or break through a firewall.  And if the Hydraq attacks...

JimW | 08 Mar 2010
It is funny how history repeats itself over and over again. A new “secure” operating system comes out and people think they don’t need to use an endpoint security solution for protection against malware. For Mac’s we have heard it for years and now with Windows 7—since it looks like it is more secure than earlier versions from Microsoft—the same rumor spreading. Well, looks can be deceiving, and when it comes to the security of your PC, and those deceiving looks can be dangerous.
I saw some not so surprising results from our survey, “Symantec’s 2010 State of Enterprise Security,” which supported the anecdotal information. Seventy-three percent of the people taking the survey reported that they believe Windows 7 will either significantly improve or somewhat improve endpoint security. This concerns me because they are the people who are now getting infected by malware since they will probably loosen...