[SignMeTheHELLUp]

Just another reminder that antivirus is dead. Any antivirus can be trivially circumvented. Based on the level of incompetence of multiple antivirus developers over the past few years, and my own experience with antivirus slowing down and heating up my machine, antiviruses themselves are more trojans than anything.

[jrcii]

GPO with AppLocker (app whitelisting) seems to be a good solution for Windows, kind of a pain to setup though.

[JoshTriplett]

While that seems like a somewhat sensible approach for non-technical end users (modulo various kinds of runnable scripts), a whitelisting approach can't possibly work in an organization doing software development.

I can't think of any technological approach that would work in such an organization, short of completely redesigning end-user client systems.

[kevincox]

If I was to use antivirus it would have to be whitelisting. Everything else is a toy in my opinion.