New weapons offer hope against advanced cyber-attacks

Uploaded on 2015-03-02 in TECHNOLOGY--Developments, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

One of the most frightening things about modern cyber-attacks is that a breach can remain undetected within networks for weeks, months or even years. This time gives hackers the luxury of lateral movement within a network, meaning they can acquire better credentials, compromise more systems and search for the most profitable and most damaging information. And perimeter defense tools are almost worthless once hackers are quietly rampaging behind the lines. But malware has to communicate back to the hackers somehow, and new monitoring tools have emerged that can identify that traffic.

As such, traffic monitoring tools could very well be the next big thing in network security, protecting networks against cyber-attacks and helping even if a breach has already happened.
We evaluated security programs from Damballa, Lancope and LightCyber with traffic monitoring at their core. Because these programs require real-world traffic, the topography of which in some cases must be predefined, each was evaluated using a production environment provided by the companies. Each program was evaluated based on ease of use, accuracy, how quickly the program could be deployed and what level of customization and automation could be implemented.
While all three programs worked extremely well at identifying malware based on its communications, the Damballa Failsafe product was the easiest to use, had the best user interface and would be the quickest to deploy, an important consideration if an organization suspects that their network has already been compromised.
Lancope StealthWatch provided the most details about the communications going on within a network and the relationships between groups and devices, making it a useful tool for other things beyond security, such as network optimization or even capital planning.
And LightCyber Magna proved a perfect tool for detecting hidden threats that are trying to find specific data inside a network or elevate its privileges. It can also be useful in identifying insider threats.

http://www.computerworld.com/article/2887652/new-weapons-offer-hope-against-advanced-cyber-attacks.html

« You’ve been hacked. Now what?
Cybersecurity that thinks »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

SecureAuth

SecureAuth

SecureAuth delivers cutting edge identity and information security solutions for cloud, mobile, web, and VPN systems.

National Trading Standards eCrime Team (NTSeCT) - United Kingdom

National Trading Standards eCrime Team (NTSeCT) - United Kingdom

The National Trading Standards eCrime Team tackles online consumer scams, rip-offs and fraud, as well as those committed by text or email.

Canadian Centre for Cyber Security (CCCS)

Canadian Centre for Cyber Security (CCCS)

The Cyber Centre is the single unified source of expert advice, guidance, services and support on cyber security for government, critical infrastructure, the private sector and the public.

Rockwell Automation

Rockwell Automation

Rockwell Automation offer industrial security solutions to protect the integrity and availability of your complex automation solutions.

Jumpsec

Jumpsec

Jumpsec provides penetration testing, security assessments, social engineering testing, cyber incident response, training and consultancy services.

Global Learning Systems (GLS)

Global Learning Systems (GLS)

Global Learning Systems provides security awareness and compliance training programs for employees that effectively promote behavior change and protect your organization.

Flexera

Flexera

Flexera is reimagining the way software is bought, sold, managed and secured.

Onspring

Onspring

Onspring is the cloud-based platform of choice for governance, risk and compliance (GRC) teams and business operations experts across multiple industries.

NSO Group

NSO Group

NSO Group develops technology that enables government intelligence and law enforcement agencies to prevent and investigate terrorism and crime.

RackTop Systems

RackTop Systems

RackTop Systems is the pioneer of CyberConverged data security, a new market that fuses data storage with advanced security and compliance into a single platform.

Rocheston

Rocheston

Rocheston is an innovation company with cutting-edge research and development in emerging technologies such as Cybersecurity, Internet of Things, Big Data and automation.

StartupXseed Ventures

StartupXseed Ventures

StartupXseed Ventures is a smart capital provider for Deep Tech, B2B, Early Stage Startups. We support, NextGen Tech Entrepreneurs, who have potential to deliver the outsized growth.

Netpoleon Group

Netpoleon Group

Netpoleon is a leading provider of integrated security, networking solutions and value added services.

riskmethods

riskmethods

riskmethods helps you proactively identify, assess and mitigate supply chain risk. You need to master supply chain risk management—we can help.

East Midlands Cyber Resilience Centre (EMCRC)

East Midlands Cyber Resilience Centre (EMCRC)

The East Midlands Cyber Resilience Centre is set up to support and help protect businesses across the region against cyber crime.

Air IT

Air IT

Air IT are a responsive, client-focused and award-winning Managed Service Provider, helping clients achieve success and transformation through their IT and communications.

Virtual IT Group (VITG)

Virtual IT Group (VITG)

VITG is a cyber security-focused Managed Service Provider (MSP).

Complete Cyber

Complete Cyber

Complete Cyber provide professional cybersecurity services and products to help secure your infrastructure, systems and data.