Automating the Hunt for Hidden Threats

by Eric Cole, PhD
Sept. 1, 2017 SANS Institute intrusion detection

Medicine is helpful only if you understand what is wrong with the person and provide the proper remedy. The wrong medicine does no good and, in some cases, can make things worse. In a similar vein, many organizations spend lots of money on security but fail to apply the remedies that would make attacks harder for adversaries and contain the damage those attacks cause. Organizations need to recognize that their networks are constantly under attack and actively hunt for patterns and indicators of attack.