Beyond the Hype: The APT Defense Lifecycle
Today, Zscaler announced the industry’s first comprehensive cloud-based solution for advanced persistent threat (APT) security. The big news here is not only that we’re delivering this solution through the cloud, but also that we’re addressing the entire APT defense lifecycle. The challenge for security professionals is that so many vendors have hyped up APTs and their APT “solutions” that it is hard to be pragmatic about security.
Defending against APTs requires a process, not just a product. There is no magical silver bullet here. Enterprises need to identify solutions that can augment their existing processes and allow for a defense-in-depth approach that covers all phases of defense, including protection, detection and remediation.
The number of APT “solutions” is concerning. When I was at RSA in San Francisco this past spring, my ears were going to start bleeding if I heard one more vendor hawking their product as an “APT solution.” APTs are actually a very specific sort of attack: a long-term attack cycle conducted by determined, well-financed, skilled and motivated attackers with a specific goal in mind. They will leverage the full spectrum of attack tools available to them, from simple social engineering attacks to zero-day attacks and everything in between.
You don’t buy a car with seatbelts and airbags expecting to use them, but you sure are happy to have them if you ever need them. You should be looking for your APT solutions with the same perspective. What will your APT solutions do for you if an attack evades the protection, detection or remediation phases of the defense lifecycle? If you don’t have a comprehensive solution (or multiple solutions) across the entire APT defense lifecycle, it is like driving without a seatbelt; if an incident occurs, you are going to be much the worse for wear because of it.
I could talk at length about this, so I invite you to join me on September 25 for a webinar I’m delivering on the same subject, “Beyond the Hype: Breaking New Ground Combating Advanced Persistent Threats.” If you’re interested in attending, you can register for it here: http://www.zscaler.com/breaking-new-ground-combating-advanced-persistent-threats.php?src=Web-Home