Advanced persistent attack News
April 28, 2017
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the latest round of Equation Group cyberweapons and how Microsoft patched them.
April 07, 2017
News Roundup: 'Hand-to-hand' combat in State Department hack, APT29 has a stealth backdoor, the creator of the internet backs strong encryption, and more.
January 20, 2017
Researchers find the Carbanak gang has evolved its attacks on financial institutions to use Google services for command and control infrastructure in malware.
November 11, 2016
Roundup: Russia-based APT group Pawn Storm expands spear-phishing attacks after Google's disclosure of a Windows zero-day. Plus, OpenSSL updates, IoT security and more.
Advanced persistent attack Get Started
Bring yourself up to speed with our introductory content
Despite increasing levels of specialization, managed security service providers often don't understand the business you're in. That may be changing. Continue Reading
A constantly evolving threat landscape and a deepening skills crisis has more enterprises looking to a managed security service provider for help handling some of their security requirements. The trend is expected to drive strong demand for MSSPs over the next few years, especially in areas like intrusion prevention and detection systems, distributed denial-of-service mitigation, unified threat management and security information and event management (SIEM). Estimates for the overall size of the global market over the next few years range from the low $20 billion to $35 billion. That makes it one of the fastest growing segments in the security industry. What are the factors CISOs need to consider when choosing a managed security provider and what are some best practices for getting the most out of these relationships?
Enterprises have a range of options for using such services, from managed on-premises or managed customer-premise equipment services to fully outsourced, cloud-hosted options. A hybrid security model has worked for Arlington County in Virginia. The local government's security operations center is managed by in-house engineers who inherently know the network and are better positioned to respond to SIEM alerts from the MSSP. "We preferred the hybrid approach because we had the seasoned staff available to perform this aspect of the security practice," CISO David Jordan said. "It's a positive and successful approach, and the results are repeatable."
Much of the managed security provider growth is being driven by the need for increased security and compliance measures at small to medium-sized businesses. In this issue of Information Security magazine, we look at the evolution of the managed security provider and the best ways to handle these partnerships.Continue Reading
It's critical to apply security testing into your app, as cybersecurity affects everyone. Testing before production can help prevent attacks. Expert Gerie Owen explains further. Continue Reading
Evaluate Advanced persistent attack Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Email attacks are getting more intricate, forcing Microsoft to reinforce its security services to protect end users. How well do you know the Office 365 Advanced Threat Protection features? Continue Reading
Skill shortages and budget constraints have lead some companies to adopt a hybrid approach to managed security. Is it time for CISOs to start looking for 'expertise as a service'? Continue Reading
See how security analytics tools can work for businesses looking for more from their security software, and what security analytics tools are right for certain business scenarios. Continue Reading
Manage Advanced persistent attack
Learn to apply best practices and optimize your operations.
In this excerpt from chapter 3 of Industrial Network Security, authors Eric D. Knapp and Joel Langill discuss the history and trends of industrial cybersecurity. Continue Reading
Mike Bartholomy of Western Union explains how the financial services company has embraced employee use of cloud services and how his team approves and secures these applications. Continue Reading
Signature-based detection and machine learning algorithms identify malicious code and threats. Expert Michael Cobb explains how both techniques defend networks and endpoints. Continue Reading
Problem Solve Advanced persistent attack Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Why nation-state attribution plays a major role in the U.S. government's willingness to share cyberthreat intelligence with private-sector companies. Continue Reading
APT groups have been continuously exploiting a flaw in Microsoft Office, despite it having been patched. Expert Nick Lewis explains how these attacks work and how to prevent them. Continue Reading
Advanced persistent threats are a constant risk for enterprises, so the board needs to know about them. Expert Mike O. Villegas discusses how to effectively communicate about APTs. Continue Reading