Author Topic: Very interesting article  (Read 7048 times)
alucian
« on: March 22, 2011, 10:52:15 AM »

http://www.infoworld.com/d/security/prepare-advanced-persistent-threats-or-risk-being-the-next-rsa-180?page=0,0

I have the same feeling about my company. I think we are in deep s..t, and that we have to find the hole. Our alerts are too clean, and that's not normal.
Being an insurance company and having a lot of confidential data, we should be more searched.

But... they are very comfortable the way things are, and are hoping that the tools will solve the problems (ArcSight, IDS, Firewalls, soon DLP) ???

I hope I will be able to convince them.

CISSP ISSAP, CISM/A, GWAPT, eCPPT, OSWP
R3B005t
« Reply #1 on: March 22, 2011, 11:46:06 AM »

My company recognized the criticality of APTs last year, so we had Mandiant come by for some APT training and we picked up a MIR controller box, best security investment in years! We can easily identify any suspicious activity on client machines looking for signs of APTs. I would highly recommend anyone interested in APTs reach out to Mandiant; those guys practically wrote the book on identification and remediation of APTs. They also do some kick-ass unknown binary analysis and offer up free versions of most of their tools.
sil
« Reply #2 on: March 22, 2011, 12:11:59 PM »

Yawn at APT. I advise you read the following two articles I wrote surrounding failures...

Cyber Warfare Analysis - You're Doing It Wrong
https://www.infosecisland.com/blogview/12529-Cyber-Warfare-Analysis-Youre-Doing-It-Wrong.html

Security Vendors Vow to Defend Against Cyber Boogeyman
https://www.infosecisland.com/blogview/12663-Security-Vendors-Vow-to-Defend-Against-Cyber-Boogeyman.html

hayabusa
« Reply #3 on: March 22, 2011, 02:09:06 PM »

<nod>

~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCP , GPEN, C|EH
alucian
« Reply #4 on: March 25, 2011, 07:34:15 PM »

@R3B005t 
I will look further at what you propose.

@sil
As always, you are a great help. I will look deeper at your articles and I will try to adapt your advice.
My only obstacle is the mentality of others, but I will beat them :)

Thanks again!

CISSP ISSAP, CISM/A, GWAPT, eCPPT, OSWP