back to article Vulns, exploits, hacks: Trusteer touts tech to terminate troubles

Trusteer is expanding from its speciality of providing transaction protection security to financial institutions with an enterprise-level product designed to guard against zero-day exploits and social engineering. Unpatched application vulnerabilities in widely deployed endpoint applications (such as web browsers) can be given …

COMMENTS

This topic is closed for new posts.
  1. Gordon Fecyk
    WTF?

    Hey Apex: Make this product instead

    Apex will automatically stop applications from performing sensitive operations while in an unknown application state.

    I can do that already.

    If I could somehow sell a product that does this safeguarding for you... Hey Apex: Would you work on a product that does this instead of wasting CPU time analyzing running processes? I'd buy it, promote it, prostrate myself extolling its virtues, if only you'd produce it.

  2. John Smith 19 Gold badge
    Unhappy

    "Java exploits accounted for 98 per cent of the attacks"

    So.

    a) Disable Java if possible

    b) Disable windows installer service so s**t can't be installed willy nilly by users who don't know any better.

    c) Long term re-design your systems to not use Java on your desktop (browser or not).

    Any company sysadmins should ask themselves 2 simple question of every process running on any machine.

    1)What's it doing? 2)Why's it doing this?

    If you cannot answer either question to your own satisfaction perhaps it should be shut down and (at the very least) not allowed to auto start on boot.

    1. Gordon Fecyk
      Thumb Down

      Why blame MSIEXEC for Java exploits?

      Disable windows installer service so s**t can't be installed willy nilly by users who don't know any better

      Great, yet another pundit who thinks they can maintain Windows better than Windows can. Do you even know what the Windows Installer (MSIEXEC) service is? It's not Windows Update. You disable Windows Installer then you can't install anything made by anyone made anywhere. That includes built-in components.

      And what the hell does MSIEXEC have to do with Java exploits? MS abandoned their Java implementation yonks ago, and modern Java runs in user-space exclusively.

      If you want to stop users from installing stuff willy-nilly, do this.

  3. Forensics Bloke
    Mushroom

    Cant wait...

    After seeing Neil Kettle's 44CON presentation last year, can't wait to see what he makes of this!

This topic is closed for new posts.

Other stories you might like