Tuesday, August 12, 2014

Not All Intrusions Involve Malware

My latest piece in SecurityWeek entitled "Not All Intrusions Involve Malware" was published today: http://www.securityweek.com/not-all-intrusions-involve-malware.  In the piece, I tried to focus on an area that I often see overlooked within organizations.  Malware is a big problem in the security space, but it is only one of many problems security practitioners face on a daily basis.  I tried to lay out some examples of intrusion vectors that involve no malware at all and suggested approaches to detection and response.  Of course, it is not possible to enumerate every potential threat vector within the allotted length of the piece, but I hope to ignite some thought and discussion on the topic.  My hope is that the community will begin to pay more attention to analysis of the unknown unknowns.  It's an important endeavor.

No comments:

Post a Comment