Three Misconceptions About Bit9 Trust-based Security

https://blog.bit9.com/wp-content/uploads/2013/03/Security-300x225.pngWhen you’re in the business of protecting enterprise endpoints and servers from the potentially devastating effects of advanced threats and malware, you’re in a complicated and sophisticated line of work. And while we at Bit9 pride ourselves in how easy we make it for customers to deploy and manage our solution, there are some misconceptions out there about how the Bit9 platform works.

We get questions from prospective customers, the news media and industry analysts where we often have to correct erroneous assumptions about our Trust-based Security Platform. So it seems like a good time to blog about three of the most common misconceptions and set the record straight about how Bit9 establishes trust and prevents malicious code from executing in your environment.

Misconception 1: Managing the whitelist

A few people (well, maybe more than a few) still have a very old-fashioned idea of exactly what whitelisting is and how it works. Foremost among them is that it involves some gigantic list of trusted software that is difficult and frustrating to manage. The Bit9 solution is not a giant list of approved files or a whitelist. Santa Claus may have a lengthy list of who is naughty and who is nice, but Bit9 doesn’t. In fact, if you think of whitelists and Bit9, forget about the concept of a “list” completely. Instead, think about policies that govern what software can and cannot run in your environment. When using Bit9, IT professionals can “push” policies to users (IT-driven), as well as “pull” trust policies from the cloud (cloud-driven) depending on their security posture. By including cloud-driven policies, this allows users to run essential applications that have high-trust ratings, but may have been excluded from the original IT-driven policy. When initially deploying Bit9 in your environment, IT professionals can use our Software Reputation Service (SRS), which fuels our cloud-driven policies, to initially assess the software running on their servers and endpoints as well. Trust, and preventing malware from executing, is a byproduct of policies. Repeat after me: There is no list.

Misconception 2: The role of certificates in establishing trust

Another misconception involves how Bit9 uses or relies on digital code-signing certificates when determining what software is allowed to execute. First, Bit9 does not digitally sign third-party or customer files as part of the approval process. The Bit9 software never makes any binary change to users’ files. Second, there is a misperception that certificates are required to manage policies. Users can choose to approve software based on their digital certificates, but that is just one of many different ways in which approval policies can be established. Approvals can be made based on how software is delivered to a system, trusted repositories of software, authorized users, user roles and group memberships, and many other aspects. Many customers have deployed the Bit9 solution within diverse environments with no dependency on certificates at all.

Misconception 3: Antivirus is just as effective as Bit9’s approach

At Bit9, we believe the best way to protect your organization against targeted threats and advanced malware is to deploy a multilayer, defense-in-depth approach. There are two types of malware: the ones you know about, and the ones you don’t. Antivirus can be effective in stopping known threats—those with previously seen and logged signatures—which is important. But with more than 55,000 new malware signatures registered every day, and the increasing volume of highly targeted malware, antivirus can’t help you fight unknown and zero-day threats. Bit9 focuses on stopping advanced threats that antivirus can’t. Because of the way our solution is designed, we don’t need to see each unknown threat before it hits you; we simply block any software that is not approved to run based on your trust policies.

So there you have it. Three misconceptions about Bit9 laid to rest. Now we can get back to the business of protecting our customers against all the bad things that are trying to attack your endpoints and servers.

The Bit9 Trust-based Security Platform continuously monitors and records all activity on servers and endpoints to detect and stop cyber threats that evade traditional security defenses.

Contact us today for your free trial!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of the author. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided "as-is". The author shall not be liable for any damages whatsoever arising out of the content or use of this blog.
%d bloggers like this: