Need for Speed: Streamlining Response and Reaction to Attacks

by Michael Butler
Sept. 1, 2017 SANS Institute incident handling

“Despite their investments in endpoint security systems, organizations are waking up to the ugly truth that they are nearly blind when it comes to advanced attacks and malware lurking in their networks.” [1] Advanced threats are getting into protected networks, spreading themselves to critical servers and avoiding detection by many of today’s security sensors. Because threats to endpoints have become increasingly advanced and are often sponsored and well-funded by malevolent organizations, we can no longer rely on traditional tools to protect ourselves. The zero-day threat has become more dangerous, enabling malicious actors to take advantage of vulnerabilities we may not yet know exist. [2]

https://www.sans.org/reading-room/whitepapers/analyst/speed-streamlining-response-reaction-attack...