{"id":13174,"date":"2018-08-23T06:00:06","date_gmt":"2018-08-23T14:00:06","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/08\/23\/news-6941\/"},"modified":"2018-08-23T06:00:06","modified_gmt":"2018-08-23T14:00:06","slug":"news-6941","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/08\/23\/news-6941\/","title":{"rendered":"Simplifying and Prioritizing Advanced Threat Response Measures"},"content":{"rendered":"<p><strong>Credit to Author: TJ Alldridge| Date: Thu, 23 Aug 2018 12:09:31 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"264\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/20180413044902945-250-ovdsit9-800-300x264.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/20180413044902945-250-ovdsit9-800-300x264.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/20180413044902945-250-ovdsit9-800-768x676.jpg 768w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/20180413044902945-250-ovdsit9-800-640x563.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/20180413044902945-250-ovdsit9-800-440x387.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/20180413044902945-250-ovdsit9-800-380x334.jpg 380w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/20180413044902945-250-ovdsit9-800.jpg 800w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>I had to go to the doctor the other day because I was miserable and sick. I don\u2019t like going to the doctor so I waited until my stuffy nose and congestion turned into a full-blown sinus infection. The doctor said this thing was going around, and I should be better in a few days with my prescription. 
Where did I catch this demon inside my face? Was it the plane? Was it the hand rail on the shuttle bus? Was it the gas station pump? Was it my kids? Wouldn\u2019t it be great if you could ask your doctor, \u201cSo doc where did I catch this?\u201d and have the doctor say, \u201cOh you picked this up from the shopping cart at the grocery store on 4<sup>th<\/sup> Street, and it looks like 25 other people caught it too.\u201d<\/p>\n<p>Your doctor can\u2019t do this yet, but IT security professionals can.<\/p>\n<p>Trend Micro <a href=\"https:\/\/newsroom.trendmicro.com\/press-release\/commercial\/trend-micro-simplifies-advanced-threat-detection-and-network-analysis\">recently introduced<\/a> advanced analytics capabilities for its network security solution, Deep Discovery\u2122. These new capabilities will help IT security professionals understand more about the attacks on their networks. By correlating the event data from <a href=\"https:\/\/www.trendmicro.com\/en_us\/business\/products\/network\/advanced-threat-protection\/inspector.html\">Deep Discovery Inspector<\/a>, <a href=\"https:\/\/www.trendmicro.com\/en_us\/business\/products\/network\/advanced-threat-protection\/deep-discovery-threat-intelligence-network-analytics.html\">Deep Discovery Director \u2013 Network Analytics<\/a> will simplify and help prioritize advanced threat response measures for security professionals, essentially allowing them to answer the question I was asking my doctor above: where did I catch this? But it won\u2019t stop there. Deep Discovery Director \u2013 Network Analytics will not only show the first point of infection, but it will also track where the threat has spread \u2013 showing who else has been impacted, and what external servers it is reaching out to, such as command and control servers. 
As many attacks take place over several days, it is hard to comb through all the events and logs to piece together an entire attack. Now, with a click of the mouse, it will show the entire attack life cycle going back 90 days. This visibility and real-time reporting can be invaluable when management is asking for details about the latest threats or outbreak.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-large wp-image-541867\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/blog-image-1024x576.jpg\" alt=\"\" width=\"1024\" height=\"576\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/blog-image-1024x576.jpg 1024w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/blog-image-300x169.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/blog-image-768x432.jpg 768w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/blog-image-640x360.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/blog-image-900x506.jpg 900w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/blog-image-440x247.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/blog-image-380x214.jpg 380w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/blog-image.jpg 1432w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>Attacks that slip past perimeter protection solutions can go undetected in the network for months on average. <a href=\"http:\/\/www.trendmicro.com\/en_us\/business\/products\/network\/advanced-threat-protection\/inspector.html?modal=sb-weak-link-f72378\">Lateral movement<\/a> detection should be a top priority; however, most advanced threat solutions only monitor north\/south traffic. 
Deep Discovery Inspector will monitor <a href=\"http:\/\/www.trendmicro.com\/en_us\/business\/products\/network\/advanced-threat-protection.html?modal=39b697\">north\/south and east\/west traffic<\/a> with the same device. This reduces the number of devices and all the management and logistics that go along with them. As seen in the screenshot above, lateral movement is a key part of this attack, and if it is not monitored, the threat can spread across the network unbeknownst to the security team.<\/p>\n<p>If you are using Deep Discovery Inspector to monitor your network, ask your Trend Micro contact about Deep Discovery Director \u2013 Network Analytics and see how it can help you correlate, prioritize and simplify the events reported by Deep Discovery Inspector.<\/p>\n<p>If you are using another product for advanced threat detection, consider using Deep Discovery to help augment your current deployment by monitoring the east\/west traffic and providing threat analytics, while your existing solution monitors the north\/south traffic.<\/p>\n<p>It is never too late to get a second opinion.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\/deepdiscovery-network-analyzer\/\">Simplifying and Prioritizing Advanced Threat Response Measures<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\"><\/a>.<\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/deepdiscovery-network-analyzer\/\" target=\"bwo\" >http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: TJ Alldridge| Date: Thu, 23 Aug 2018 12:09:31 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"264\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/20180413044902945-250-ovdsit9-800-300x264.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" 
srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/20180413044902945-250-ovdsit9-800-300x264.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/20180413044902945-250-ovdsit9-800-768x676.jpg 768w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/20180413044902945-250-ovdsit9-800-640x563.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/20180413044902945-250-ovdsit9-800-440x387.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/20180413044902945-250-ovdsit9-800-380x334.jpg 380w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/08\/20180413044902945-250-ovdsit9-800.jpg 800w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>I had to go to the doctor the other day because I was miserable and sick. I don\u2019t like going to the doctor so I waited until my stuffy nose and congestion turned into a full blown sinus infection. The doctor said this thing was going around, and I should be better in a few&#8230;<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\/deepdiscovery-network-analyzer\/\">Simplifying and Prioritizing Advanced Threat Response Measures<\/a> appeared first on <a rel=\"nofollow\" 
href=\"https:\/\/blog.trendmicro.com\"><\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[1001,18783,10384,19288,714],"class_list":["post-13174","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-business","tag-deep-discovery","tag-network","tag-network-analyzer","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/13174","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=13174"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/13174\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=13174"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=13174"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=13174"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}