Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Report available on Incident response and the APT threat

Lancope : 09 May, 2013  (Technical Article)
Advanced Persistent Threats and Incident Response are the subjects of a cyber security report released by Lancope
Report available on Incident response and the APT threat

Lancope has released a new report entitled “APTs and Incident Response: The Next Frontier of Cyber Security.” The report examines recent trends in cyber-attacks and how organisations can more effectively address evolving threats by elevating the importance of incident response within their overall security strategies.

“Few organisations view their incident responders as the front line in their defensive posture,” said Tom Cross, director of security research for Lancope. “However, the intelligence gathered from investigating breaches is the vital ingredient that enables an organisation to thwart subsequent attacks; so in a very real sense, the incident response team should become the heart of everything an organisation does to protect its network.”

The Lancope report examines the rise of the Advanced Persistent Threat (APT) all the way from the coining of the term in the early 2000s and Operation Aurora in 2010, to the most recent attacks on the Wall Street Journal and New York Times. Third-party reports from Mandiant, Cisco and others are also referenced.

“According to the Enterprise Strategy Group (ESG), nearly three-quarters of organisations expect to be the target of APTs in the near future,” said Amrit Williams, CTO of Lancope. “Organisations need to realise that they are either compromised or will be soon and that traditional techniques need to be augmented with newer methods to provide visibility and control into all aspects of the internal environment.”

The report also discusses how NetFlow collection and analysis can help fill in the gaps in conventional security strategies for improved incident response. Using the recently uncovered “APT1” attacks as an example, Lancope demonstrates how technical indicators of an attack can be fed into a flow-based monitoring system to gather actionable security intelligence for preventing future attacks.

By combining flow-based behavioural analysis and in-depth security context, Lancope’s StealthWatch® System provides a comprehensive view of network activity to keep organisations a step ahead of sophisticated attackers. Lancope’s security capabilities are continuously enhanced with research from the StealthWatch Labs Intelligence Center (SLIC).

“When you are living with an advanced threat, you are playing a nonstop game of cat and mouse on your computer network,” adds Cross. “The need to collect and analyse intelligence isn’t a one-time requirement that occurs as the result of a single incident. It needs to be an ongoing part of any organisation’s defensive operation.”

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo