This content is part of the Security School: Knock advanced malware out cold with network anomaly detection

How network traffic analysis helps defeat advanced malware

In this podcast, learn how advanced malware works and why network traffic analysis is essential to protect your enterprise's network.

In this podcast, Peter Sullivan explores the nature of advanced malicious software, otherwise known as malware, and why security pros must change their focus immediately to include examining the interior of the network and not just its perimeter. Security processes that include network traffic analysis, he explains, are crucial to rooting out malware attacks before they’ve destroyed or compromised your network and data.

Using the Stuxnet malware as a case study, Sullivan notes what distinguishes malware from advanced malware, including the latter’s ability to affect physical systems and its aim to compromise the integrity, confidentiality and/or operability of the victim’s data or systems. He reviews its key features and modes of operation.

What’s necessary now is a fundamental shift in how security teams approach the defense of their network. Denial of infiltration at the perimeter is only one part of an effective security strategy. InfoSec pros must now focus on both the perimeter and the interior of the network. Sullivan reviews the ways this can be done, including with network traffic analysis. This currently underutilized tool can help you fight back against advanced malware.


This was last published in July 2015
