New weapons offer hope against advanced cyber-attacks

Uploaded on 2015-03-02 in TECHNOLOGY--Developments, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

One of the most frightening things about modern cyber-attacks is that a breach can remain undetected within networks for weeks, months or even years. This time gives hackers the luxury of lateral movement within a network, meaning they can acquire better credentials, compromise more systems and search for the most profitable and most damaging information. And perimeter defense tools are almost worthless once hackers are quietly rampaging behind the lines. But malware has to communicate back to the hackers somehow, and new monitoring tools have emerged that can identify that traffic.

As such, traffic monitoring tools could very well be the next big thing in network security, protecting networks against cyber-attacks and helping even if a breach has already happened.
We evaluated security programs from Damballa, Lancope and LightCyber with traffic monitoring at their core. Because these programs require real-world traffic, the topography of which in some cases must be predefined, each was evaluated using a production environment provided by the companies. Each program was evaluated based on ease of use, accuracy, how quickly the program could be deployed and what level of customization and automation could be implemented.
While all three programs worked extremely well at identifying malware based on its communications, the Damballa Failsafe product was the easiest to use, had the best user interface and would be the quickest to deploy, an important consideration if an organization suspects that their network has already been compromised.
Lancope StealthWatch provided the most details about the communications going on within a network and the relationships between groups and devices, making it a useful tool for other things beyond security, such as network optimization or even capital planning.
And LightCyber Magna proved a perfect tool for detecting hidden threats that are trying to find specific data inside a network or elevate its privileges. It can also be useful in identifying insider threats.

http://www.computerworld.com/article/2887652/new-weapons-offer-hope-against-advanced-cyber-attacks.html

« You’ve been hacked. Now what?
Cybersecurity that thinks »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

GeoLang

GeoLang

GeoLang’s Ascema platform protects sensitive information at the content level by identifying, classifying and tracking data across the corporate infrastructure.

Cybersecurity Advisors Network (CyAN)

Cybersecurity Advisors Network (CyAN)

CyAN provides a not-for-profit platform that helps private and public organisations as well as governments to identify trusted advisors in the area of Cyber Security and Cyber Crime.

Romanian Association for Electronic Industry & Software (ARIES)

Romanian Association for Electronic Industry & Software (ARIES)

ARIES is the Romanian Association for Electronic Industry and Software, the biggest and most influental organization created for the IT&C industry in Romania.

Data Protection People

Data Protection People

Data Protection People are specialists in Data Privacy, Governance, and Information Security.

Data Terminator

Data Terminator

Data Terminator provide a comprehensive range of secure data destruction equipment and services are in compliance to US Department of Defense (DoD) and National Security Agency (NSA) standards.

Sompo International

Sompo International

Sompo International is a global specialty provider of property and casualty insurance and reinsurance services including Cyber & Network Risk.

Cytellix

Cytellix

Cytellix is an industry-standards-based, managed cybersecurity service provider, specializing in proactive behavioral analytics and situational awareness of an organization’s cyber posture.

SOFTwarfare

SOFTwarfare

SOFTwarfare deliver high-quality, reliable and secure enterprise application integrations through RESTful APIs for Cyber, Ops & Dev.

LogicHub

LogicHub

LogicHub is built on the principle that every decision process for threat detection and response can and should be automated.

WolfSSL

WolfSSL

wolfSSL is an embedded SSL/TLS library providing secure communication for IoT, smart grid, connected home, routers, applications, games, phones, and more.

Noblis

Noblis

Noblis is a dynamic science, technology, and strategy organization dedicated to creating forward-thinking technical and advisory solutions in the public interest.

NTT Group

NTT Group

NTT offers agile, scalable technology services to bring it all together seamlessly, securely, and sustainably. We help you adopt a holistic security approach across your network, clouds, applications.

Snare

Snare

Snare is a comprehensive set of event monitoring and analysis tools designed to address critical auditing and security requirements.

ETI-NET

ETI-NET

ETI-NET is the worldwide leader in managing critical data for industries that never stop.

AppSOC

AppSOC

AppSOC is a leader in Application Security Posture Management (ASPM) and Code-to-Cloud Vulnerability Management.

Anthropic

Anthropic

Anthropic is a Public Benefit Corporation, whose purpose is the responsible development and maintenance of advanced AI for the long-term benefit of humanity.