Tag: Network Reconnaissance

When I Attack – The Diary of an APT as It Moves Up the Kill Chain

Today I’m going to be speaking from the point of view of an attacker. But not just any attacker. I’m looking through the eyes of what our industry has deemed an Advanced Persistent Threat (APT). This is the beginning of a series of posts that will discuss what I will do as I move through the Kill Chain.

School of NBAD Series: NBAD Behavioral Detection

NBAD monitoring of host behaviors on a network requires the use of sophisticated counters and indices. This method of advanced detection allows mature NBAD solutions to catch recon, targeted botnet infection and DDoS attacks.

Dealing with Insider Threats

Insider threats are one of the hardest attack vectors to thwart. The advanced threat detection and forensic logging of the StealthWatch System can make it much harder for a trusted resource to become a turncoat.

The Changing Nature of Incident Response, Part 2

We have become too reliant upon fully automated systems to detect and stop computer security breaches. People naturally desire a solution that will prevent all security incidents from occurring in the first place, but is it really reasonable to expect fully automated solutions to stop sophisticated attacks?

Day Zero Is How Long??!

We would like to think that vulnerabilities do not remain zero-day for long, particularly if they are in the hands of attackers. Unfortunately, a recent report from Symantec Research Labs indicates that this is not the case.