Wednesday, June 2, 2010

Preparing for Apple Mac Malware

This SANS ISC article (
got me thinking again about the reality of Mac malware. What are
people using for AV scanning for Mac executables at their web and mail
gateways? As Macs increasingly make their way in the enterprise and
Apple continues to improve its market share, I assume that eventually
we will need to supplement host-based AV scanning on the Macs with
gateway-based AV defensive layers - just like we did to protect our
Windows endpoints.

What should we block at the web and email gateway level - all .DMG file, .PKG files, and OS X/MACH-O executables?

email: david @

No comments:

Post a Comment