http://www.darkreading.com/threat-intelligence/167901121/security/security-management/240001335/companies-see-business-in-doxing-the-adversary.html By Robert Lemos Contributing Writer Dark Reading May 31, 2012 While advanced persistent threats, or APT, have been relegated to buzzword status, the adversaries that make up the core of such threats are still around. And now, companies are focusing on selling services to analyze and identify the attackers so companies can determine the level of risk they represent. Security firm CrowdStrike, which launched earlier this year, has made adversary assessment a core part of its services. The goal is to give defenders a better idea of what threats they need to worry about, says George Kurtz, president and CEO of security startup CrowdStrike. With information on the adversaries and their intent, not just the programs used to attack, defenders with limited resources can deploy their defenses in much more effective ways, he says. "Adversary assessment is not about finding some guy in China," Kurtz says. "It is linking all the [threat] information together with the end goal of being able to marshal the limited resources that you have to face the adversary coming at you, rather than sitting in the center of your castle, putting up a bigger wall, and not knowing what side the attackers are going to come from." While perhaps 70- or 80 percent of attackers are cybercriminals, espionage is a greater worry for many companies. For those firms, finding out more about the motivations and capabilities of the groups attacking their network and systems is important. Stopping any individual attack is meaningless, because the attackers will keep trying, says Greg Hoglund, chief technology officer for ManTech CSI, a forensics and incident response firm. [...] -- Help InfoSec News with a Donation http://www.infosecnews.org/donate.htmlReceived on Fri Jun 01 2012 - 00:43:39 PDT
This archive was generated by hypermail 2.2.0 : Fri Jun 01 2012 - 00:38:26 PDT