Why advanced malware detection is key to cut through 'network noise'

Why advanced malware detection is key to cut through 'network noise'

Date: Mar 20, 2013

SAN FRANCISCO -- The South Carolina Department of Revenue data breach served as a perfect example of the sort of attacks enterprises now face. A workstation compromise eventually led to the exposure of millions of taxpayers' personal data, with South Carolina's IT security staff lacking the ability to detect the threat.

Much like the South Carolina data breach, a majority of companies lack the advanced malware detection capabilities to cut through the "network noise" that exists on all high-traffic enterprise networks and find the true threats that put sensitive data at risk, according to Qualys Inc. Chief Technology Officer Wolfgang Kandek.

In this video interview, recorded at the 2013 RSA Conference, SearchSecurity Editorial Events Director Lindsay Jeanloz asked Kandek how organizations can tone down the noise in their networks and detect advanced malware. Kandek also took time to discuss the findings of Mandiant Corp.'s APT1 report and the threat posed by targeted attacks that utilize legitimate security certificates.

More on Malware, Viruses, Trojans and Spyware

  • canderson

    Point-of-sale security: Targeted malware, Windows XP cause problems

    VIDEO - Video: Sophos' Chester Wisniewski explains why targeted malware and the presence of Windows XP are the biggest threats to point-of-sale security.
  • canderson

    How to mitigate the risk of Web malware infections with separation

    VIDEO - Web malware is a significant threat to systems. This video explains how separation effectively reduces the risk of damage from Web-borne malware.
  • canderson

    How to analyze malware with REMnux's reverse-engineering malware tools

    VIDEO - Video: Keith Barker of CBT Nuggets demonstrates how to use the free reverse engineering malware tools in REMnux to analyze malware in apps and PDFs.
  • equipment destruction attack

    Definition - An equipment destruction attack, also known as a hardware destruction attack, is an exploit that destroys physical computer and electronic equipment. Equipment destruction attacks can be enabled simply as a result of physical access to the computer hardware, along with a tool for attack – which could also be as simple as a hammer or a cup of coffee. However, remotely-initiated malware can also be used to destroy computer equipment.
  • domain generation algorithm (DGA)

    Definition - A domain generation algorithm or DGA is a computer program used to create domain names, typically for the purpose of propagating remotely controlled Web-based malware.
  • pre-installed malware

    Definition - Pre-installed malware is malicious software that is put on a machine before it is delivered to the user. New devices are usually assumed to be uncompromised but there are numerous reports of malware existing on new hardware.
  • P2P malware detection techniques

    Answer - The amount of malware using peer-to-peer communications has increased dramatically. Enterprise threats expert Nick Lewis explains how to detect P2P malware.
  • Sandbox evasion: How to detect cloaked malware

    Answer - Cloaked malware, like DGA.Changer, can reportedly evade sandbox detection. Nick Lewis explains how to handle the risk.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: