AVIEN Guide to Managing Malware in the Enterprise

This exciting new publishing project is being undertaken jointly by AVIEN, the Anti-Virus Information Exchange Network, and AVIEWS, the Anti-Virus Information & Early Warning System. AVIEN members represent the best-protected large organizations in the world, and millions of users. When they talk, security vendors listen: so should you. AVIEWS members represent nearly all the major vendors in the anti-virus research community, as well as many other researchers and companies, and include many top experts.

The book we are currently working on (it's anticipated that there will be others!) is a guide to managing malicious software and related security issues within the enterprise. The uniqueness of this book lies in its partnership between highly experienced, highly qualified corporate security practitioners and the anti-malware research community, as represented by AVIEN and its sibling AVIEWS. The book therefore reflects the expertise of security administrators and managers at the customer coalface and the technical and developmental expertise of both industry and independent researchers.

The project management team includes David Harley (consultant, researcher, and author of/contributor to many security books and articles), Jeannette Jarvis, a security architect at Boeing, Robert Vibert (also a security author and consultant) and Andrew Lee, of Eset. Other contributors from the security industry include Igor Muttik, also from a major AV company; Ken Dunham, Director of the Rapid Response Team at iDefense, Ken Bechtel of Team Antivirus, Enrique Gonzales Ochoa of PandaSoft, and many others. Corporate contributors include representatives from banks, law enforcement, healthcare, aerospace, some of the most major software publishers and hardware manufacturers, academic institutions worldwide, and others like Michael P. Blanchard, Security Engineer for EMC2 Corporation.

This guide, written by some of the most knowledgeable systems administrators, security managers, and anti-malware researchers in the world, offers a unique insight into the nuts and bolts of enterprise security management. It combines technical depth and strategic breadth of vision in the difficult area of malicious code management, and no-one in the security management business can afford to ignore it.

Among those who are likely to find it of interest are systems administrators and managers, security administrators, security managers and other information security professionals, IT managers, IT support staff, human resources professionals, senior management, educationalists, anyone concerned with security and risk management from small businesses to global enterprises. Law enforcement professionals with a technological remit, government and other public sector policy makers, vendors of anti-malware and other security products and services, and the anti-malware research community will also be very interested. The book mainly addresses anti-malware technologies rather than specific products, but in the section on detection and forensics, there is an emphasis on commonly used analytical and defensive tools. It will be relevant to all levels of experience and expertise.

It covers the following main areas: the relationship between enterprise security professionals, vendors and researchers, stripping away the myths; an in-depth consideration of the 21st century threatscape, from viruses and hoaxes to spam and botnets; defense in depth as the cornerstone of enterprise security; systems security and DIY defense using a range of specialist detection and forensic techniques and tools; education and communications, from security in schools to the management of alerts and advisories; information security governance issues like policy, ethics and outsourcing; and a comprehensive resources section.

The book is due for publication by Syngress in July 2007. More information in due course: in the meantime, contact David Harley (david.a.harley@gmail.com) if you have queries.

This page was last updated on 1st December 2006.

 

 

 

small blue-green world 2006 ©