Tier two security: How breach detection systems detect malware better
Date: Dec 11, 2013
In this webcast, John Pirc, research vice president at NSS Labs, explains what a breach detection system (BDS) is, how it works, why you need it and which vendors to get it from.
BDS, a tier two security system, is an increasingly necessary complement to established tier one tools (firewalls, antivirus software and the like). Its two-factor malware detection capability makes BDS a more effective tool for fighting the ever-evolving threats to network and database security. It can not only detect malware infiltration attempts but also identify the particular heuristics of malware and inform infosec personnel when a breach attempt succeeds.
BDS is better suited to detecting malware in an era when so many threats are circulating that it is impossible for IT security personnel to know of every possible one. Instead, BDS focuses on your specific attack surface and its vulnerabilities.
Pirc closes with a review of both established and newer start-up vendors for BDS, and makes the case that, today, smaller is often better when it comes to BDS vendors.
About the author: John Pirc is the research vice president at NSS Labs. A security intelligence and cybercrime expert, Pirc is the co-author of two books, Blackhatonomics: An Inside Look at the Economics of Cybercrime and Cybercrime and Espionage. Prior to his role at NSS Labs, Pirc was the director of security intelligence at HP Enterprise Security Products, where he led the strategy for next-generation security products. Follow him @jopirc.