The endpoint security marketplace is crowded with vendors claiming to have superior capabilities. Cutting through all the marketing and sales pitches to understand how these products perform isn’t easy. Luckily, The MITRE Corporation conducted an independent test of the detection and investigation capabilities of leading endpoint detection and response (EDR) products against real-world attack sequences. We’ll break down MITRE’s methodology, the results, and what it all means for your organization as you assess your current and future endpoint security toolkit.
The journey to the cloud is not a linear one, and organizations choose to migrate to the cloud in a multitude of ways and approaches. The resulting complexity is the enemy of security. In fact, according to ESG, “36% of organizations use between 24 to 49 different security products while 19% use more than 50 different products from an assortment of vendors.” All this noise only makes way for more security concerns such as integration issues, misconfigurations, and access control. To overcome this complexity and succeed in the cloud, organizations must demand security solutions that can quickly and effectively scale with changing business needs. Prisma by Palo Alto Networks is the industry’s most complete cloud security offering for today and tomorrow, providing unprecedented visibility into data, assets, and risks across the cloud and delivered with radical simplicity.
Recently, Palo Alto Networks Unit 42 reported on a new exploitation platform that we called “DealersChoice” in use by the Sofacy group (AKA APT28, Fancy Bear, STRONTIUM, Pawn Storm, Sednit). As outlined in our original posting, the DealersChoice exploitation platform generates malicious RTF documents which in turn use embedded OLE Word documents. These embedded OLE Word documents then contain embedded Adobe Flash (.SWF) files that are designed to exploit Abode Flash vulnerabilities.
Palo Alto Networks Advanced Endpoint Protection provides comprehensive exploit and malware prevention that can prevent attacks before malware can be successful.
This list details the three ways in which your efforts are becoming undone and how to get the most value out of your security investments.
This brief discusses the common attack methods for delivering ransomware to enable you to focus your security controls on the areas most likely to be leveraged and reduce the risk of infection.