How to Stop Serious Threats from Evading Detection

Amit Yoran, CEO of NetWitness, shows how and why serious network threats are evading detection and what you can do to discover these problems quickly and effectively.

Topic: How to Stop Serious Threats from Evading Detection
Time: Available on Demand
Coming in May!
Co-hosting with SANS





Topic Description:

Many of today’s network threats are evading detection by your perimeter defenses – whether you know it or not. That’s because most organizations have developed an over-reliance upon perimeter-based, network-layer focused defenses. The flawed assumption is that deployed network countermeasures will have signatures or profile-based foreknowledge of a given threat. As proven through numerous serious security breaches over the last few years, however, most signature and log-file-based security solutions are already entirely obsolete.

Consider STORM: a daily polymorphic, self-mutating, encrypted, P2P, worm Trojan with compartmentalized botnet functionality. Also think about any number of successful spear phishing attacks combined with low and slow “beacon Trojan” footholds that have been placed inside victim networks – all of which have been invisible and entirely undetected by current detection countermeasures.

This Webcast focuses on the true nature and sources of today’s threats, and proven solutions, both technology and operations-related, required to solve this problem. We will describe an effective operational plan of action consisting of the use of automated reporting and alerting, and interactive threat analysis applications built upon a distributed full packet capture and session reconstruction infrastructure. This Webcast will describe an approach that will enable your organization to detect and stop designer malware, zero-day attacks, and non-signature-based threats to improve overall network visibility, and to detect the leakage and exfiltration of valuable corporate data. We will employ specific technical case studies and demonstrations to highlight the value of such an approach.

Attendees will learn:

  • The technical reasons that current threats are evading current perimeter-based defenses such as IDS, log monitoring and flow-based technologies.

  • The true nature and sources of threats facing public and private organizations.

  • Advanced techniques for next generation network monitoring using full packet capture and session reconstruction, and the network visibility improvements provided by this approach.

  • Specific examples of adversary exploits (demonstrations) similar to trends observed within organized crime groups and state-sponsored attacks.

Meet our speaker:

Amit Yoran | CEO | NetWitness Corporation

Prior to NetWitness, Amit Yoran served as the Director of the National Cyber Security Division of Homeland Security. He was the CEO and advisor to In-Q-Tel, the venture capital arm of the CIA. Mr. Yoran was the co-founder and CEO of Riptech until its acquisition by Symantec in 2002. He was appointed the Vice President of Worldwide Managed Security Services at the Symantec Corporation. He served as an officer at the United States Air Force Department of Defense's Computer Emergency Response Team. Mr. Yoran has been on the Boards of numerous security technology companies. He earned an MS from George Washington University and a BS from the United States Military Academy at West Point.


