Capabilities and Limitations of Enterprise Antimalware Suites

Standalone antivirus products have matured to encompass a variety of tools for securing endpoints in an enterprise setting. As the threats associated with malicious software increase in sophistication, so do the capabilities of antimalware tools. Understanding the capabilities and limitations of components that form such a suite is critical to selecting the right product and deriving value from it.

My recent article for the Information Security Magazine explains what components are typically incorporated into enterprise antimalware suites, discussing the following:

  • Traditional antivirus protection
  • Capabilities for spyware and rootkit protection
  • Host firewall and intrusion prevention
  • Securing the web browser
  • Safeguarding email communications
  • Cloud aspects of antimalware suites
  • Centralized management capabilities
  • Deployment considerations

Read the full article to understand what to expect from a modern antimalware suite in an enterprise setting. If you’re not a member of the SearchSecurity website, you can scroll past the initial footer of the page to read the full article.

Lenny Zeltser

Updated

About the Author

Lenny Zeltser develops products and programs that use security to achieve business results. He is the CISO at Axonius and Faculty Fellow at SANS Institute. Lenny has been leading efforts to establish resilient security practices and solve hard security problems for over two decades. A respected author and practitioner, he has been advancing tradecraft and contributing to the community. His insights build upon real-world experience, a Computer Science degree from the University of Pennsylvania, and an MBA degree from MIT Sloan.

Learn more