티스토리 뷰
카테고리 없음
Global Column | 2018 security forecasts "A high-tech threat prevention, ATP comes the sun"
리동킴 2018. 1. 9. 14:14years, the cyber security industry has embraced a new mindset:
- Cyber security control is not very effective.
So intelligent cyber attackers can bypass it and hack into the network and run data leaks.
- Attempting to stop an attack is therefore essentially foolish, and organizations should focus on detecting and responding to an incident.
This logic spreads like wildfire in the industry and becomes an oversimplified reasoning. "An organization is divided into two: an infringed organization and an organization that does not know that it has been infringed."
I now admit that this reasoning is still some truth. In the past, many security technologies were designed to be more attack-aware than the zero-day threats, resulting in many holes. The network is open and open to attack.
Because of these shortcomings, many organizations are focusing on and investing in new technologies designed to detect threats. Malware sandboxes, User and Entity Behavior Analytics (UEBA), Endpoint Detection & Response (EDR), and network security analytics.
So what happened? Companies have been overwhelmed by the disagreement of new security data and security warnings, such as unconnected technology and piles. Many organizations then realized that there was no staff or technology to fully exploit this threat detection technology. In particular, the problem of cybersecurity lack of technology means that this situation will not change for the time being.
I have two problems. The first is that security controls are not effective, so excessive amounts of bad information are coming into the network, and second, threat detection is too loud and complex. Fortunately, the
introduction of new advanced threat prevention technology
was able to make a difference. Cyber security technology developers have introduced and advanced the Advanced Threat Prevention (ATP) technology. These tools are much more effective at reducing attack surface while blocking exploits, attack factors, and malware. There was also a derivative effect of reducing threat detection noise and complexity.
Leading companies will spend the year 2018 putting the following technologies in place to prevent advanced threats:
- Next-generation endpoint security software
The biggest advancement in endpoint security software is the addition of real-time analysis and machine learning algorithms for malware detection and blocking. These innovations provide even greater efficiency in detecting and blocking all types of threats. Actual Silence (Cylance) has been shaking the endpoint security market with machine learning for several years. Companies such as CrowdStrike, McAfee, Sophos, Symantec and Trend Micro have offered similar features. The CISO is expected to move quickly in this direction next year.
- Threat intelligence gateways
I've been watching Threat Intelligence gateways for several years now , and I can see that it can be quite challenging. Threat intelligence gateways are used by threat intelligence gateways, such as Centripetal Networks, Ixia, and LookingGlass Networks, to assess threats and then block the volume of threats at the network perimeter It has the potential to escape from intensive methods. Why not try it as a trusted network firewall? Because threat intelligence gateways can not track and block the volume of threats created.
- Secure DNS
Threat Gateway closely related security DNS services are designed to track and block malicious domains, realms, and associated IP addresses without user intervention. Cisco's OpenDNS is a leader in this area, but other service providers, such as Comodo, Infoblox, Neustar and others, offer similar services. Keep in mind that many free security DNS services are available, including the recently announced Quad 9 from IBM.
- Micro-segmentation
Cisco ACI and VMware NSX incorporate concepts such as firewalls, ACLs, and network segmentation that combine with the simplicity of software-based policy management and implementation. Others, such as Illumio, vArmour and ShieldX, offer similar multiplatform capabilities. CISO will use this technology more universally in 2018 to reduce overall attack surface significantly.
- Intelligent application controls
I am
thinking about tools that profile applications and determine the criteria for normal activity and then block activities that appear to be changing, abnormal or suspicious behavior. These include, for example, Edgewise, VMware AppDefense, and Threat Stack.
'Set-and-forget' security technologies do not really exist, but next-generation tools do not require ongoing management and support, such as legacy security controls, monitoring and analysis systems. This means that CISOs do not need the number of employees, the number of days of deployment and customization, and the number of staff training days to benefit from a secure investment.
Remember the old joke about the two men who must run faster than the bear. The first man says that the bear is useless because it is faster than the man. The second man replies. "I do not have to run faster than a bear, I just need to run faster than you."
In cyber security, cybercriminals, nuclear tivists, and state sponsored cyber - enemies are bears. ATP is not an all-around drug. However, clever CISOs will use these tools to rely on basic security controls and to move ahead of other organizations that have open attack surfaces.
- Cyber security control is not very effective.
So intelligent cyber attackers can bypass it and hack into the network and run data leaks.
- Attempting to stop an attack is therefore essentially foolish, and organizations should focus on detecting and responding to an incident.
This logic spreads like wildfire in the industry and becomes an oversimplified reasoning. "An organization is divided into two: an infringed organization and an organization that does not know that it has been infringed."
I now admit that this reasoning is still some truth. In the past, many security technologies were designed to be more attack-aware than the zero-day threats, resulting in many holes. The network is open and open to attack.
Because of these shortcomings, many organizations are focusing on and investing in new technologies designed to detect threats. Malware sandboxes, User and Entity Behavior Analytics (UEBA), Endpoint Detection & Response (EDR), and network security analytics.
So what happened? Companies have been overwhelmed by the disagreement of new security data and security warnings, such as unconnected technology and piles. Many organizations then realized that there was no staff or technology to fully exploit this threat detection technology. In particular, the problem of cybersecurity lack of technology means that this situation will not change for the time being.
I have two problems. The first is that security controls are not effective, so excessive amounts of bad information are coming into the network, and second, threat detection is too loud and complex. Fortunately, the
introduction of new advanced threat prevention technology
was able to make a difference. Cyber security technology developers have introduced and advanced the Advanced Threat Prevention (ATP) technology. These tools are much more effective at reducing attack surface while blocking exploits, attack factors, and malware. There was also a derivative effect of reducing threat detection noise and complexity.
Leading companies will spend the year 2018 putting the following technologies in place to prevent advanced threats:
- Next-generation endpoint security software
The biggest advancement in endpoint security software is the addition of real-time analysis and machine learning algorithms for malware detection and blocking. These innovations provide even greater efficiency in detecting and blocking all types of threats. Actual Silence (Cylance) has been shaking the endpoint security market with machine learning for several years. Companies such as CrowdStrike, McAfee, Sophos, Symantec and Trend Micro have offered similar features. The CISO is expected to move quickly in this direction next year.
- Threat intelligence gateways
I've been watching Threat Intelligence gateways for several years now , and I can see that it can be quite challenging. Threat intelligence gateways are used by threat intelligence gateways, such as Centripetal Networks, Ixia, and LookingGlass Networks, to assess threats and then block the volume of threats at the network perimeter It has the potential to escape from intensive methods. Why not try it as a trusted network firewall? Because threat intelligence gateways can not track and block the volume of threats created.
- Secure DNS
Threat Gateway closely related security DNS services are designed to track and block malicious domains, realms, and associated IP addresses without user intervention. Cisco's OpenDNS is a leader in this area, but other service providers, such as Comodo, Infoblox, Neustar and others, offer similar services. Keep in mind that many free security DNS services are available, including the recently announced Quad 9 from IBM.
- Micro-segmentation
Cisco ACI and VMware NSX incorporate concepts such as firewalls, ACLs, and network segmentation that combine with the simplicity of software-based policy management and implementation. Others, such as Illumio, vArmour and ShieldX, offer similar multiplatform capabilities. CISO will use this technology more universally in 2018 to reduce overall attack surface significantly.
- Intelligent application controls
I am
thinking about tools that profile applications and determine the criteria for normal activity and then block activities that appear to be changing, abnormal or suspicious behavior. These include, for example, Edgewise, VMware AppDefense, and Threat Stack.
'Set-and-forget' security technologies do not really exist, but next-generation tools do not require ongoing management and support, such as legacy security controls, monitoring and analysis systems. This means that CISOs do not need the number of employees, the number of days of deployment and customization, and the number of staff training days to benefit from a secure investment.
Remember the old joke about the two men who must run faster than the bear. The first man says that the bear is useless because it is faster than the man. The second man replies. "I do not have to run faster than a bear, I just need to run faster than you."
In cyber security, cybercriminals, nuclear tivists, and state sponsored cyber - enemies are bears. ATP is not an all-around drug. However, clever CISOs will use these tools to rely on basic security controls and to move ahead of other organizations that have open attack surfaces.
캐시 적립부터 유용한 콘텐츠까지, 돈버는 앱 '허니스크린'(Android 지원)
설치하기 : http://lomiu.kr/t5lzfbuq6e
글로벌 천만 유저가 선택한 잠금화면 속 꿀캐시
허니스크린은 캐시 적립부터 유용한 콘텐츠까지
알뜰하고 알찬 혜택을 제공하는 잠금화면 리워드앱입니다.
[캐시 모으는 방법]
1. 잠금 화면을 쓱 밀어 가볍게 적립하기
2. 관심 있는 광고는 자세히 보고 추가로 적립하기
3. 추천하는 앱을 설치하거나 브랜드 소셜페이지를 팔로우·좋아요하고 적립하기
4. 친구에게 추천하고 동시에 둘 다 적립하기
[적립한 캐시 사용법]
1. 스타벅스·투썸플레이스·이디야 등 11곳의 카페에서 사용하세요.
2. 버거킹·KFC·뚜레쥬르·파리바게트 등 34곳의 프렌차이즈에서 사용 가능합니다.
3. GS25·CU·세븐일레븐 편의점에서 사용할 수 있습니다.
4. 해피머니·팀캐시·문화상품권으로 유료 아이템을 구매하여 게임도 즐겨보세요.
5. CGV·레진코믹스·지니 등 영화·웹툰·음원도 구매해보세요.
6. 그 외 백화점·소셜 커머스·통신사·기부 단체 등 약 70개의 스토어를 이용하세요.
7. 물론 환급 요청을 통해 통장으로 현금을 입금 받을 수 있습니다.
댓글
공지사항
최근에 올라온 글
최근에 달린 댓글
- Total
- Today
- Yesterday
TAG
- #북한
- #trump
- #미국
- #구디역
- #잉글랜드
- #맨시티
- #평촌
- #리중딱
- #허니스크린
- #트럼프
- #구로디지털단지
- #남북
- #
- #평창올림픽
- #4호선
- #기사
- #검은사막
- #EPL
- #구로디지털단지역
- #리버풀
- #남한
- #무술년
- #프리미어리그
- #범계역
- #김정은
- #뉴스
- #평창
- #맨유
- #구디
- #잠금화면 리워드 앱
| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | |||
| 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| 12 | 13 | 14 | 15 | 16 | 17 | 18 |
| 19 | 20 | 21 | 22 | 23 | 24 | 25 |
| 26 | 27 | 28 | 29 | 30 | 31 |
글 보관함