March 22, 2011 at 3:52 pm #6219 alucian Participant
I have the same feeling about my company. I think we are in deep s..t, and that we have to find the hole. Our alerts are too clean, and that’s not normal.
Being an insurance company and having a lot of confidential data, we should be more searched.
But… they are very comfortable with the way things are, and are hoping that the tools will solve the problems (ArcSight, IDS, Firewalls, soon DLP) ???
I hope I will be able to convince them.
March 22, 2011 at 4:46 pm #38864 R3B005t Participant
My company recognized the criticality of APTs last year, so we had Mandiant come by for some APT training and we picked up a Mir controller box, best security investment in years! We can easily identify any suspicious activity on client machines looking for signs of APTs. I would highly recommend anyone interested in APTs reach out to Mandiant; those guys practically wrote the book on identification and remediation of APTs. They also do some kick ass unknown binary analysis and offer up free versions of most of their tools.
March 22, 2011 at 5:11 pm #38865 sil Participant
Yawn at APT. I advise you read the following two articles I wrote surrounding failures…
Cyber Warfare Analysis – You’re Doing It Wrong
Security Vendors Vow to Defend Against Cyber Boogeyman
March 22, 2011 at 7:09 pm #38866 hayabusa Participant
March 26, 2011 at 12:34 am #38867
November 3, 2016 at 9:48 pm #38868 MkowaMot Participant
If I have been dreaming for the last few years, I don't remember a single one. LoL.
Too bad, I suppose?