APTs: Filtering Out the Marketing Hype to See the Real Threat
DESCRIPTION
A lot of marketing hype around Advanced Persistent Threats (APTs) has diluted what the actual threat is. In fact, many security vendors have convinced organizations that their products cover these types of threats, when really they just cover the usual suspects: malware, rootkits, and bots. But an APT is not so much a specific mechanism; it's bad people out to do bad things to a specific organization or individual for a specific bad purpose.
In this webcast, Matt Olney, Senior Research Engineer of Sourcefire, the real-time adaptive network security solutions company, talks with Tim Zonca, Product Marketing Manager of Tripwire Log Center, about his concerns about APTs and the approach he thinks organizations must take if they're to ward off these very real threats.
By listening to this webcast, you will:
- Learn what an APT is compared to how it has been marketed
- Hear about specific examples of APTs that have occurred recently
- Understand why these threats are perhaps even more concerning than your garden-variety threats
- Understand why out-of-the-box security solutions are basically useless against APTs
- Learn what's essential to adequately address APTs
Webcast available here: http://www.tripwire.com/register/apts-filtering-out-the-marketing-hype-to-see-the-real-threat/
TRANSCRIPT
APTs: Filtering Out the Marketing Hype to See the Real Threat
IT SECURITY & COMPLIANCE AUTOMATION
Today’s Speakers
Matt Olney
Senior Research Engineer
Sourcefire
Tim Zonca
Product Marketing Manager for Tripwire Log Center
Tripwire, Inc.
Matthew Olney
Senior Research Engineer
Sourcefire’s Vulnerability Research Team
Twitter: @kpyke
“APT: There are people smarter than you, they have more resources than you, and they are coming for you. Good luck with that.”
It is no longer enough to simply out-run everyone else. You are on your own versus an adversary you’ll never see.
Assignment
Gather Intelligence
Select Targets
Profile Targets
Execute Attacks
Establish Foothold (C2)
Extract Data
Continue gathering data within the organization
The attacker holds a major information advantage
…but that makes the small advantages we do have that much more important.
Different demands an explanation
Real-Time vs. Near-Real Time
Q&A
Two roads diverged in a yellow wood…
…and unfortunately, you must travel both.
The Reality of Defense
Not you
The Reality of Defense Scales
Definitely not you
The Bad Guys
Answers For Your Questions