A growing number of computer security thinkers, including myself, think that in the very near future, most computer security will be machine versus machine–good bots versus bad bots, completely automated. We are almost there now.
Fortunately or unfortunately, I don’t think we’ll get to a purely automated defense for a long, long time.
Today’s security defenses
Much of our computer security defenses are already completely automated. Our operating systems are more securely configured out of the box, from firmware startup to the operating system running apps in secure hardware-enforced virtual boundaries, than ever before. If left alone in their default state, our operating systems will auto-update themselves to minimize any known vulnerabilities that have been addressed by the OS vendor.
Most operating systems come with rudimentary blacklists of “bad apps” and “bad digital certificates” that they will not run and always-on firewalls with a nice set of “deny-by-default” rules. Each OS either contains a built-in, self-updating, antimalware program or the users or administrators install one as one of the first administrative tasks they perform. When a new malware program is released, most antimalware programs get a signature update within 24 hours.
Most enterprises are running or subscribing to event log message management services (e.
The post The #future of #computer #security is #machine vs #machine appeared first on National Cyber Security Ventures.