Social Network For Security Executives: Help Make Right Cyber Security Decisions
We believe, isn't a single technology/solution but is a complex program which consists of people, process and technology. Sandboxing or any single technology can only provide partial protection against “real” advanced attacks. We suggest organizations to look at the complete stack of technologies mentioned below and build a holistic program to secure against advanced attacks.
Advanced Threat Detection: ATP Products generally leverage one or more of the below mentioned techniques-
( Read More: Threat Intelligence (Workshop Presentation) )
It's time to go beyond using sandboxing as a standalone capability rather an organization needs to have a holistic approach for their ATP Program. You need to have efficient and robust analysis tools that can integrate with your existing security ecosystem and can continuously detect the most advanced threats.
But as Kevin Mitnick, World's Famous Hacker says "A company can spend hundreds or thousands of dollars on Firewall, IDS/IPS, ATP and other security technologies, but if attacker can call one trusted person within the company, and that person complies, and if attacker gets in, then all that money spent on technology is essentially wasted." Therefore, processes and people also play a crucial role in establishing the strong ATP Program.