The Expanding Role of Data Analytics in Threat Detection
Recent SANS studies on malware, intrusion prevention and cyberthreat intelligence agree that almost every organization, no matter how well prepared, is infected with malware to some degree and that many show signs of malicious activity. The volume and variety of traffic is so heavy, and the speed with which threats evolve make it almost impossible for current methods to identify malicious or unauthorized activity on the network. Meanwhile, traditional post-mortem methods of forensic analysis offer insufficient protection.
If they're smart enough and quick enough, sophisticated data analytics can spot tiny anomalies in the flow of server performance data that could indicate an intrusion or impending data breach. But as the long list of companies that have suffered dramatic data breaches suggests, the new generation of attacker is much stealthier and persistent. How subtle or sophisticated would analysis have to be to spot these attacks as soon as they begin? And are such analytics possible today?
This webinar and associated whitepaper may not inoculate you against data breaches, but it will provide insight and guidance with regard to:
- The characteristics of the technologies being used in this modern age of intelligence-driven threat detection
- How this new type of threat detection differs from more traditional methods
- How data analytics affect existing security frameworks and complement the Critical Security Controls
View the associated analyst white paper here.
.PNG "DFIR_ICON_(1).PNG"){kind=icon}
