APTs

RSA Rises to the Challenge of APTs

Recent news around APT attacks have underscored the critical importance of improving our techniques for rapidly detecting, analyzing and responding to APTs. To foster research in this area, Los Alamos National Lab (LANL) recently released an anonymized dataset of DNS activity collected from their internal servers over a two months window (February and March 2013), overlaid…

The Danger of Denial

I was very surprised recently, in a conversation I had with someone I used to work with, to hear him remark that he didn’t think there is any such thing as stealthy, targeted attacks. His comment was something like “those warnings about APTs, targeted attacks, whatever you want to call them, is just a distraction…

Configuring the Human Firewall

Configuring the Human Firewall These days it seems every single attack out there is called an ‘APT’,  but the truth is that ‘real’ APT attacks are actually much more rare and are generally not in the public domain. When planning an APT, social engineering is the most important tool in the cybercriminal toolbox.  So how…

Telling the Story: Using Narrative in Talking about Security

I had the opportunity recently to speak about “Advanced Security” at the Evanta CISO Executive Summit event in Houston.  Just before going onstage for my presentation, I had a great conversation with David Frazier (Director of IT for Halliburton) about the approaches he’s taken not only in security strategy, but in discussing security with the…

Anatomy of an Attack

I was on a tour in Asia Pacific when I first heard the news about the attack. The investigation into this attack continues but I’m eager to share some information with you about it. Let’s first make sure everyone is on the same page. The number of enterprises hit by APTs grows by the month; and the…