Malware is becoming increasingly specific and stealthy, and is able to dodge signature-based defence – and code writers understand that highly targeted attacks are even more difficult to detect.
In response, a new suite of products has emerged that goes beyond traditional signature-based defences. IDC calls these products Specialised Threat Analysis and Protection, or STAP; they mostly use signature-free technology such as sandboxing, emulation, and big data analytics to detect malware.
These can be based at the network level or at the endpoint, or both, and look at both inbound and outbound traffic – scanning for anomalies in this data.
STAP products, IDC believes, should have a compound annual growth rate of 42.2 percent from 2012 to 2017, with revenues approaching $1.17 billion in 2017.
According to IDC research manager John Grady, they have become a “strategic necessity for many organisations, especially in the financial services and government sectors, with budget being quickly allocated to prioritise deployment”.