A couple years ago, Bruce Schneier said that against an APT attacker, “the absolute level of your security is what's important. It doesn't matter how secure you are compared to your peers; all that matters is whether you're secure enough to keep him out.” Those words have proven true over and over again. APT attackers don’t move on to the next target as soon as they see your security is a little above average.
In this age, when you have to do everything right to protect your network, it pays to look at what other people do wrong and learn from their mistakes. We are going to do just that in this webinar. Based on public and unpublished APT incidents, Rand Franklin Smith of Ultimate Windows Security has gathered a list of 9 different things that show up repeatedly:
1. Allowing open attack surfaces without securing configurations
2. Permitting unlocked ports and unfettered device usage
3. Failing to use centralized vulnerability remediation
4. Allowing untrusted software to execute
5. Failing to follow existing security policies/procedures and use at-hand technology consistently
6. Permitting open policies for privileged user authority
7. Not engaging in consistent end-user security awareness
8. Failing to leverage logging and to set up traps
9. Permitting Malware beaconing and exfiltration
These are gleaned from real-world scenarios. Look at how the attacks succeeded due in large part to the mistakes made. Also see, from a technical standpoint, how each one of these allowed one or more attacks to actually occur.
Many of these points are in the area of endpoint security. Lumension is sponsoring this event and we will show you briefly how Lumension Endpoint Management and Security Suite can help you efficiently control these risks. Learning from other people’s mistakes is a lot less painful than learning from your own, so don’t miss this real-training-for-free session!
15. Brought to you by
www.lumension.com
Speaker
Chris Merritt – Director, Solution Marketing
16. Defense-in-Depth Strategy
Successful risk mitigation
AV
starts with a solid vulnerability
Control the Bad management foundation,
augmented by additional
Device Control
Control the Flow layered defenses which go
beyond the traditional blacklist
HD and Media Encryption
approach.
Control the Data
Application Control
Control the Gray
Patch and Configuration Management
Control the Vulnerability Landscape
16
18. More Information
• Free Security Scanner Tools • Get a Quote (and more)
» Vulnerability Scanner – discover all OS and http://www.lumension.com/endpoint-
application vulnerabilities on your network management-security-suite/buy-now.aspx#2
» Application Scanner – discover all the apps
being used in your network
» Device Scanner – discover all the devices
being used in your network
http://www.lumension.com/Resources/
Security-Tools.aspx
• Lumension® Endpoint Management
and Security Suite
» Online Demo Video:
http://www.lumension.com/Resources/Demo-
Center/Vulnerability-Management.aspx
» Free Trial (virtual or download):
http://www.lumension.com/endpoint-
management-security-suite/free-trial.aspx
18