Access "The evolution of threat detection and management"
This article is part of the Special Edition, May 2013 issue of Essentials: Threat detection
Cybercriminals of all persuasions now easily and routinely bypass existing enterprise security defenses by blending into the background noise of an organization’s operations. These advanced attacks now take place over months and years, subverting traditional malware-detection products that only scan for known malware at a given point in time. For example, a newly discovered Trojan called APT.BaneChant uses multiple detection-evasion techniques, including masquerading as a legitimate process, monitoring mouse clicks to avoid sandbox analysis and performing multibyte XOR encryption to evade network-level binary extraction technology. It also uses fileless malicious code loaded directly into memory and escapes automated domain blacklisting by using redirection via URL shortening and dynamic DNS services. Such attacks are testing the limitations of existing security analytics tools, and the recent Mandiant Corp. APT1 report shows just how long-running and sophisticated cyberespionage campaigns have become. According to the 2013 Cyber Threat Readiness survey ... Access >>>
Premium Content for Free.
The evolution of threat detection and management
by Michael Cobb, Application Security
Enterprises must understand the latest threat detection options to keep up with advanced cybercriminals who can bypass enterprise security defenses.
- The evolution of threat detection and management by Michael Cobb, Application Security
More Premium Content Accessible For Free
2013 Security 7 award winners revealed
In this special issue, we are revealing the winners of our Security 7 awards. This is the ninth year we've handed out the Security 7 awards, which ...
Next-generation authentication technologies emerge to restore balance
Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication ...
Virtualization security dynamics get old, changes ahead
Virtualization and cloud computing are part and parcel of enterprise networks today. Virtualization security, however, is still a bolt-on affair ...