#11
I see that you guys concentrate your first and main line of defense/security in software based on blacklist mechanisms. This approach is a little bit wrong these days. Why? It's simple: blacklists are outdated. These days, when new viruses are created very fast, there are many 0-day threats which blacklists won't be able to detect. Of course, they will possibly be added to the blacklists of your favourite AV/AS/AM software, but WHEN? After 5h? After one week? Perhaps after 1 month or a year? And while you are waiting for the new signatures for your software, you can catch this 0-day threat.
In summary, in first place in your security arsenal should be:
1. Prevention (HIPS software, virtualization, sandboxes, SRP, LUA, UAC, DEP, and also FW - hardware/software or both)
2. Detection (AV/AM/AS)
3. Cure (backup software - image backup/data backup, ISR software)
The best protection is protection based on a few layers, and remember: security is a specific subject and everyone should choose the optimal configuration for themselves.