3. File Detonation Technologies
Businesses are also considering deploying file inspection technologies as part of enhanced detection, according to the Bit9 survey. Emerging capabilities from Palo Alto Networks and FireEye inspect documents and executable files in a virtual or sandbox environment. Levay said the file is run in the safe environment so its behavior can be scrutinized to determine whether it is malicious. The systems check whether the file drops registry keys or other suspicious files, he said.
"These are next-generation solutions where you are looking for threats that don't have a signature," Levay said. "Traditional antivirus is relatively useless unless the attack matches some sort of signature. Attacks that are brand new, used for the first time or customized for their target, are not going to be detected by antivirus."