The early detection of cyber threats has long been one of the biggest goals for the IT security sector. The rapid evolution of the different types of cyber-attacks has left traditional detection systems unable to differentiate between, and detect, attacks such as advanced persistent threats (APTs): digital attacks directed at specific systems over a long period of time.
APTs as an example of a problem
Network intrusion detection systems (NIDS) try to discover unauthorized access to resources on the network by analyzing data traffic for signs of malicious activity. Until now they have been effective in defending against traditional cyber threats such as denial-of-service (DoS) attacks, Trojans, buffer overflows, etc.
However, the rapid advancement of these new types of threats calls for ever more advanced defense mechanisms. Among these attacks are APTs: large-scale attacks that are easily detected during their final stages by observing sudden changes in network traffic. The first stages of the attack, however, generate changes in traffic that are not so easy to detect.
NIDS have proven ineffective in stopping this type of threat, owing to their inability to evaluate planned cyberattacks made up of coordinated actions that, taken individually, appear isolated and innocuous.
Early detection based on productivity
According to the consultancy firm Gartner, “there is a general consensus that advanced attacks are able to evade traditional security controls that are in place in many firms at the moment, and remain undetected on our systems for a long period of time. The threat is real. We are in danger; we’re just not aware of it yet.”
To put an end to these complex intrusions, new security policies are needed that are based on proactive prevention mechanisms and reduce the waiting time to detect unknown malware to zero (for example, by using machine learning techniques that monitor the system for unusual behavior and block it). It isn't always possible to maximize detection of such malware without generating false positives, however.
This delay should be a fundamental worry for the cybersecurity sector, and closing the enormous window of opportunity should be its main task: improving the real-time detection of digital threats means simplifying the alert filter and improving response time in order to contain attacks.
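The two points above (sudden traffic changes in the final stage are easy to flag while the slow changes of the first stage are not, and tightening a detector to catch the latter costs false positives) can be shown on a small, constructed data set. The following is an added example and is not code from the original post or from Panda Security; it uses a plain statistical baseline rather than the machine learning models the text mentions, and the connection counts, the two detection thresholds and the CUSUM parameters are all made up for the illustration. The CUSUM detector at the end goes one step beyond the text: it shows that accumulating small deviations over time can catch a low-and-slow rise without raising the per-sample threshold that produces false positives on benign noise.

```python
import statistics
from typing import Dict, List

# Constructed baseline: 30 one-minute samples of outbound connection counts
# from one host during normal operation. Values are made up for this example
# (mean 100, population standard deviation about 2.77).
BASELINE = [100, 104, 97, 101, 99, 103, 98, 102, 100, 96,
            105, 99, 101, 103, 97, 95, 102, 98, 104, 96,
            99, 100, 103, 97, 102, 100, 98, 101, 104, 96]

# Constructed observation windows (also made up):
# a "final stage" burst, e.g. bulk data leaving the host in one minute;
BURST = [101, 99, 640, 102]
# a "first stage" low-and-slow rise, a few extra connections per minute
# that creep upwards over time;
LOW_AND_SLOW = [101, 102, 103, 104, 105, 106, 107, 108]
# and a benign window with the same noise as the baseline.
BENIGN = [103, 97, 105, 98, 102, 95, 104, 101]


def fit_baseline(samples: List[int]) -> Dict[str, float]:
    """Learn the mean and standard deviation of normal traffic."""
    mean = statistics.fmean(samples)
    std = statistics.pstdev(samples)
    if std == 0:
        raise ValueError("baseline has no variance; cannot score deviations")
    return {"mean": mean, "std": std}


def zscore_alerts(model: Dict[str, float], window: List[int],
                  threshold: float) -> List[int]:
    """Per-sample detector: flag each minute whose count deviates from the
    baseline mean by more than `threshold` standard deviations.
    Returns the indices of the flagged samples."""
    return [i for i, x in enumerate(window)
            if abs(x - model["mean"]) / model["std"] > threshold]


def cusum_first_alert(model: Dict[str, float], window: List[int],
                      k_std: float = 0.5, h_std: float = 5.0) -> int:
    """Upward CUSUM detector: accumulate small positive deviations over time
    and alert once the running sum exceeds h_std standard deviations.
    Returns the index of the first alert, or -1 if the window never alarms."""
    k = k_std * model["std"]   # slack: drift smaller than this per sample is ignored
    h = h_std * model["std"]   # decision threshold on the accumulated sum
    s = 0.0
    for i, x in enumerate(window):
        s = max(0.0, s + (x - model["mean"]) - k)
        if s > h:
            return i
    return -1


def evaluate() -> Dict[str, Dict[str, object]]:
    """Run the three windows through a conservative and an aggressive
    per-sample threshold and through the CUSUM detector."""
    model = fit_baseline(BASELINE)
    windows = {"burst": BURST, "low_and_slow": LOW_AND_SLOW, "benign": BENIGN}
    return {
        "conservative_z3": {n: zscore_alerts(model, w, 3.0) for n, w in windows.items()},
        "aggressive_z1_5": {n: zscore_alerts(model, w, 1.5) for n, w in windows.items()},
        "cusum": {n: cusum_first_alert(model, w) for n, w in windows.items()},
    }


if __name__ == "__main__":
    for detector, result in evaluate().items():
        print(detector, result)
```

With the conservative threshold the burst is flagged immediately and the benign window stays quiet, but the slow rise is never flagged; lowering the threshold to catch the slow rise also flags two benign minutes as false positives. The CUSUM detector alarms on the slow rise a couple of minutes in while leaving the benign window alone, which is the kind of trade-off a detection engineer has to make deliberately rather than by turning a single knob.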
Adaptive Defense 360, Panda’s solution
Panda Security has a product specifically designed to close the window of opportunity for malware, a window that zero-day attacks and APTs can open on your corporate systems. This product is called Adaptive Defense 360.
The technology integrated in it allows malicious software to be detected and blocked through real-time monitoring of its behavior. The customer receives an immediate alert once malware has been detected, and can rest assured that the combination of machine learning algorithms and our expert analysis will rule out false positives.
The post The goal of early cyber threat detection appeared first on MediaCenter Panda Security.
Source: Panda