Tier two security: How breach detection systems detect malware better

Tier two security: How breach detection systems detect malware better

Tier two security: How breach detection systems detect malware better

Date: Dec 11, 2013

In this webcast, John Pirc, research vice president at NSS Labs, explains what a breach detection system (BDS) is, how it works, why you need it and from what vendors to get it.

BDS, a tier two security system, is an increasingly necessary complement for established tier one tools (firewalls, antivirus software and the like). Its two-factor malware detection capability makes BDS a more effective tool for fighting the ever-evolving, always-changing threats to network and database security. It not only can detect malware infiltration attempts but also identify the particular heuristics of malware and inform infosec personnel when a breach attempt succeeds.

BDS is better suited for detection of malware in an era where there are so many threats circulating, it is impossible for IT security personnel to know of every possible one. Instead, BDS focuses on your specific attack surface and its vulnerabilities.

Pirc closes with a review of both established and newer start-up vendors for BDS, and makes the case that, today, smaller is often better when it comes to BDS vendors.

About the author: John Pirc is the research vice president at NSS Labs. A security intelligence and cybercrime expert, Pirc is the co-author of two books, Blackhatonomics: An Inside Look at the Economics of Cybercrime and Cybercrime and Espionage. Prior to his role at NSS Labs, Pirc was the director of security intelligence at HP Enterprise Security Products, where he led the strategy for next-generation security products. Follow him @jopirc.

More on Identity Theft and Data Security Breaches

  • canderson

    Rich Mogull's Data Breach Triangle: Rethinking data breach prevention

    VIDEO - Video: Rich Mogull says if you take away any one of the Data Breach Triangle's three key components, a breach becomes impossible. The Securosis CEO explains this unique perspective on data breach prevention.
  • canderson

    Despite OpenSSL security issues, industry needs open source SSL

    VIDEO - SilverSky CTO Andrew Jaquith says despite the recent Heartbleed flaw, the industry will stick with OpenSSL over commercially licensed SSL products. Jaquith also opines on the aftermath of the Target breach.
  • canderson

    NSA encryption backdoor: How likely is it?

    VIDEO - Video: BeyondTrust CTO Marc Maiffret discusses the likelihood of an NSA encryption backdoor and the rise in watering hole attacks and Web defacements.
  • Report: More than 90% of 2014 data breaches could have been prevented

    News - The Online Trust Alliance finds that over 90% of data breaches resulting in data loss could have been prevented.

    ( Jan 21, 2015 )

  • Hardware security issues prove tough to find, harder to fix

    News - News roundup: Recently discovered firmware flaws highlight the challenges posed by hardware security. Plus: Heartland's breach warranty; RSA's overhaul; and Download.com's app (in)security.

    ( Jan 16, 2015 )

  • rainbow table

    Definition - A rainbow table is a listing of all possible plaintext permutations of encrypted passwords specific to a given hash algorithm. Rainbow tables are often used by password cracking software for network security attacks.
  • Sony Pictures hack recap: Experts debate North Korea's role

    News - News roundup: The FBI maintains North Korea was behind the Sony Pictures hack, in spite of naysayers. Plus: Malware campaign attributed to Russia; new Mac OS X bootkit; cyberattack causes physical damage.

    ( Jan 09, 2015 )

  • POS malware (point-of-sale malware)

    Definition - Point-of-sale malware (POS malware) is malicious software expressly written to steal customer payment data -- especially credit card data -- from retail checkout systems. Criminals often purchase POS malware to steal customer data from a retail organization with the intention of selling the data rather than using it directly.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: