New weapons offer hope against advanced cyber-attacks

One of the most frightening things about modern cyber-attacks is that a breach can remain undetected within networks for weeks, months or even years. This time gives hackers the luxury of lateral movement within a network, meaning they can acquire better credentials, compromise more systems and search for the most profitable and most damaging information. And perimeter defense tools are almost worthless once hackers are quietly rampaging behind the lines. But malware has to communicate back to the hackers somehow, and new monitoring tools have emerged that can identify that traffic.

As such, traffic monitoring tools could very well be the next big thing in network security, protecting networks against cyber-attacks and helping even if a breach has already happened.
We evaluated security programs from Damballa, Lancope and LightCyber with traffic monitoring at their core. Because these programs require real-world traffic, the topography of which in some cases must be predefined, each was evaluated using a production environment provided by the companies. Each program was evaluated based on ease of use, accuracy, how quickly the program could be deployed and what level of customization and automation could be implemented.
While all three programs worked extremely well at identifying malware based on its communications, the Damballa Failsafe product was the easiest to use, had the best user interface and would be the quickest to deploy, an important consideration if an organization suspects that their network has already been compromised.
Lancope StealthWatch provided the most details about the communications going on within a network and the relationships between groups and devices, making it a useful tool for other things beyond security, such as network optimization or even capital planning.
And LightCyber Magna proved a perfect tool for detecting hidden threats that are trying to find specific data inside a network or elevate its privileges. It can also be useful in identifying insider threats.

http://www.computerworld.com/article/2887652/new-weapons-offer-hope-against-advanced-cyber-attacks.html

« You’ve been hacked. Now what?
Cybersecurity that thinks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IPVanish

IPVanish

IPVanish has its roots in over 15 years of network management, IP services, and content delivery services. Now we're bringing these finely honed skills to VPN.

Convercent

Convercent

We offer comprehensive and integrated compliance management, reporting, and analytics. A 360-degree view of compliance drives efficiency by aligning initiatives and data into a single dashboard.

Penta Security

Penta Security

Founded on its data encryption technology, Penta Security is a leading provider of web and data security products, solutions and services.

TÜV Informationstechnik (TÜViT)

TÜV Informationstechnik (TÜViT)

TÜViT is a leading service provider in the IT sector offering unbiased and independent tests and certifications of IT products, hardware, software, systems and processes.

IBLISS Digital Security

IBLISS Digital Security

How cyber-resilient is your business now? We help companies to continuously answer this never-ending C-level question.

Kippeo Technologies

Kippeo Technologies

Kippeo is a security systems integrator providing innovative solutions that look at all the parameters and connect all the dots.

ProcessUnity

ProcessUnity

ProcessUnity is a leading provider of Third-Party Risk Management software, helping companies remediate risks posed by third-party service providers.

SecondWrite

SecondWrite

SecondWrite’s next-generation malware detection engine delivers a combination of automatic deep code inspection and accurate scoring of zero-day malware.

e-Careers

e-Careers

e-Careers is an edtech institution that provides industry recognised courses and up-skilling solutions to individuals and organisations.

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

AWS Marketplace eBook: Optimizing your cloud deployments to accelerate cloud activities, reduce costs, and improve customer experience.

Amvia

Amvia

Amvia is a fast-growing telecoms, Internet and Microsoft service provider. We supply voice, data and cyber security services to 100s of small and large companies.

NI Cyber Security Centre

NI Cyber Security Centre

NI Cyber Security Centre works to make Northern Ireland cyber safe, secure and resilient for its citizens and businesses.

ACL Digital

ACL Digital

ACL Digital, an ALTEN Group company, is a leader in design-led digital experience, innovation, enterprise modernization, and product engineering services converging to Technology, Media & Telecom.

Technivorus Technology

Technivorus Technology

Technivorus is a deep-tech firm delivering customized Cybersecurity, Digital Marketing, Web & App Development, and multifarious IT services for businesses across the globe.

Babble

Babble

Babble is a Unified Comms, Contact Centre and Cyber Solutions provider. We believe in making next-generation technology simple to use, deploy and manage.

Uptime Institute

Uptime Institute

Uptime Institute is an unbiased advisory organization focused on improving the performance, efficiency, and reliability of business critical infrastructure.