Security firms have typically taken one of two approaches to protecting their customers: detect bad code and block it, or validate wanted applications and allow them to run. Yet determining whether a ...