1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SOURCE 2016: It's behavior, not names, that gives attackers away

Discussion in 'CSO' started by RSS, May 19, 2016.

  1. RSS

    RSS New Member Member

    When it comes to Internet threats, the correct response to the Shakespearean question, “What’s in a name?” ought to be “Who cares?” according to Mike Banic.

    “The important thing is to look at what a threat is doing, not what it is,” he told an audience at SOURCE Boston 2016 this week, in a talk titled, “Understanding Attackers’ Use of Covert Communications.”

    “There seems to be a lot of pride in naming threats,” he said, “but a lot of them behave in similar ways, and you don’t need a signature to recognize that. The IP address and the URL may change, but the fundamental behavior will not.”

    Banic, vice president of marketing at Vectra Networks, one of about three dozen presenters at the annual event, said given the reality that “the perimeter is really porous,” effective security means being able to detect when an attacker is on the inside.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page