[ISN] Companies See Business In 'Doxing' The Adversary

From: InfoSec News <alerts_at_private>
Date: Fri, 1 Jun 2012 02:43:39 -0500 (CDT)
http://www.darkreading.com/threat-intelligence/167901121/security/security-management/240001335/companies-see-business-in-doxing-the-adversary.html

By Robert Lemos
Contributing Writer
Dark Reading
May 31, 2012

While advanced persistent threats, or APT, have been relegated to 
buzzword status, the adversaries that make up the core of such threats 
are still around. And now, companies are focusing on selling services to 
analyze and identify the attackers so companies can determine the level 
of risk they represent.

Security firm CrowdStrike, which launched earlier this year, has made 
adversary assessment a core part of its services. The goal is to give 
defenders a better idea of what threats they need to worry about, says 
George Kurtz, president and CEO of security startup CrowdStrike. With 
information on the adversaries and their intent, not just the programs 
used to attack, defenders with limited resources can deploy their 
defenses in much more effective ways, he says.

"Adversary assessment is not about finding some guy in China," Kurtz 
says. "It is linking all the [threat] information together with the end 
goal of being able to marshal the limited resources that you have to 
face the adversary coming at you, rather than sitting in the center of 
your castle, putting up a bigger wall, and not knowing what side the 
attackers are going to come from."

While perhaps 70- or 80 percent of attackers are cybercriminals, 
espionage is a greater worry for many companies. For those firms, 
finding out more about the motivations and capabilities of the groups 
attacking their network and systems is important. Stopping any 
individual attack is meaningless, because the attackers will keep 
trying, says Greg Hoglund, chief technology officer for ManTech CSI, a 
forensics and incident response firm.

[...]


--
Help InfoSec News with a Donation
http://www.infosecnews.org/donate.html
Received on Fri Jun 01 2012 - 00:43:39 PDT

This archive was generated by hypermail 2.2.0 : Fri Jun 01 2012 - 00:38:26 PDT