Advanced Persistent Threats (APT) use unexpected, multiple, time-limited and diverse attack vectors. Experience, knowledge and skills all play a powerful role in shaping effective security intervention decisions, but without a robust understanding of your context, actual network traffic and content, you are left relying on an informed guess which may or may not prove to be correct.
When APT security issues occur, network security operations professionals are instantly under pressure from their organization to explain and resolve the problems swiftly. So how fast can you react to a suspected APT security anomaly? And even more importantly, are you giving yourself the best chance of success when you act by ensuring that your actions are informed, appropriate and effective?
The capture and examination of network traffic before, during and after an event of interest can provide you with the clarity and understanding to make a truly informed intervention and increase your likelihood of an effective outcome. Approaches to capture, indexing, search and recall of captured traffic can vary in cost and complexity, ranging from simple open source software tools to high performance, high fidelity Intelligent Network Recording solutions capable of operating at sustained link bandwidths up to 100 Gigabits per second.
Join James Barrett, Technical Director of Endace, in this session for network security operations professionals, where he’ll show you how to derive insight and certainty about what’s occurring by using network packet inspection and visualization techniques.