Attacks are constantly evolving, and so is the malware that’s used to wage them. But through a technique known as “retrospection,” organizations can replay attacks, going back to scan their networks for malware identified after their networks were infected, says Ramon Peypoch of Protectwise.
In an audio interview conducted at RSA Conference 2017, Peypoch discusses:
- The role recording and analyzing visual networks plays in so-called “retrospection”;
- How attack replays are being used to track ransomware trends; and
- Why trying to detect all threats and intrusions in real time is a “losing battle.”
At Protectwise, Peypoch, who serves as chief product officer, oversees product strategy, development and market delivery. Previously, he was vice president of web protection at McAfee. He also has held executive product and business development positions at Proofpoint, Websense and Symantec. He serves as a board member for Abusix Inc., a network abuse and threat intelligence company, and Identity Finder LLC, a sensitive data management solutions provider.
Source: SANS ISC SecNewsFeed @ February 23, 2017 at 02:15PM