In the past anything that worked was good enough. Well that hasnt changed much but our options have. Is there a 'silver bullet' that can save me from everything, no. Here are a few options:
- Immunet: This is the free version of Cisco's FireAMP enterprise product. You dont get all the features, but you get unprecedented protection. This is more of a cloud based solution, so an internet connection is preferred. The agent sends the files finger print called the hash to the cloud to see if its malicious or not. If it doesnt know the hash, it will upload the file to 'detonate' in their sandbox and provide the verdict.