Antivirus and Firewalls Can't Offer Complete Protection

Here's Why

Most exploits are delivered via the web and email, and both pass right through firewalls.
Security products cannot account for human error; people make mistakes and unwillingly or unknowingly download malware
Today's exploit kits automatically morph malware so that it is not detectable by antivirus.
Firewalls do not stop outbound data theft.
Signature lag means antivirus often doesn't know about the latest attacks.

Most antivirus and firewalls aren't built to identify the latest attacks-let alone capture or eradicate the threats once they get in.


Problem:

Computers Can't Spot Spearphishes


Antivirus programs and firewalls cannot detect spearphishing emails. Period. Only you and your colleagues, if properly trained, can detect spearphishing emails. If a user is not able to differentiate a regular email from a spearphishing emails, and he clicks on a link in the email, he will put your network at risk. Computers can’t detect spearphishes, they can’t report them to you, and they can’t automatically block them.

Problem:

Happy Clickers


Email bypasses firewalls altogether and goes straight to your users. When users click on a malicious email, like a phish or a spearphish, and take the action the attacker wants, such as downloading and executing a file, antivirus has a chance to find the attack. But when the antivirus misses it (and it usually does), the attacker wins.

Problem:

Morphing Exploit Kits


An exploit kit is a malicious toolkit that looks for security holes in your browser and uses them to inject malware. The trickiest part? Users don’t even have to click a bad link or download a nasty file by accident for them to work. They are designed to deliver malware regardless of user behavior. Worst of all, exploit kits can easily morph malware to avoid detection, rendering antivirus and firewalls useless.

Problem:

Password Theft


Firewalls are great at stopping attacks originating from outside your network. It’s the reason attackers don’t just log on to your computer via remote access. However, firewalls are not so good at blocking outbound connections. Because they’re not built to stop outbound traffic, they just let everything through. Attackers have figured this out and developed ways such as phishing to get inside, skirting right past firewalls to steal your passwords as users type them into fake webpages.

Problem:

Signature Lag


Antivirus programs use massive databases of known attacks and their signatures to try to catch threats. But if an attack hits your business using a brand-new signature that’s not yet in the antivirus database, it won’t be able to detect, quarantine, and remove the threat from your network. This is more common than you might realize, and causes major problems for organizations who only use antivirus and firewalls for defense.

DNS-Based Security Works-

Here's Why

DNS-based security works because it not only catches phishing and malware on its way in, but stops it from communicating out to the attacker. Here’s why it works.

One Step Ahead


By tracking attackers when they set up their campaigns, we can get ahead of attacks. We watch for malicious actors to:

  • Register domains
  • Set up phishing sites
  • Purchase malicious ads
  • Buy fake security certificates
  • What tools, i.e. malware, they use

This reconnaissance helps us see where they will strike next and stay one step ahead. Antivirus and firewalls simply can't do this.

Reinforce Education


When one of your users clicks on a phish, we intercept the traffic before it can communicate with the phishing site, stopping the attack before the attacker gets what they want. However, that’s not all. Strongarm goes beyond just stopping the attack. We use this opportunity to give the user who clicked on the phish some on-demand phishing education. We show them that they made a mistake in the moment and then talk to them about how to prevent these types of mistakes in the future. This is our way of helping you train all of your colleagues on what phishing emails look like. We will get to those last 5% of your clickers that slip through the cracks of your education campaigns.

Speak Malware


Strongarm monitors DNS traffic leaving your network. When a bad domain is detected, our DNS resolver returns Strongarm’s blackhole address instead of the attacker’s. This way, the victim system communicates with Strongarm instead of the attacker, effectively disarming and quarantining any potential infection for removal. This is why we say we “speak malware.” We know their language and can use it against them.

Automation


Automated attacks (like exploit kits) can only be defeated by automated detection and protection. To fight back, you need a way to instantly detect and respond to these types of threats. DNS-based security is the best way to accomplish this. Historically, there has been a clear speed gap between attackers and defenders. But the tides are quickly changing. Strongarm's DNS-based security solution automatically detects, quarantines, and removes the attacks before they can do damage to your network.