Skip to Main ContentSkip to Footer
Research & Intelligence

The ABCs of APT – Part C: Detection, Protection and Response

A quick look at 5 critical areas you need buttoned up to make your organization ready for advanced persistent threats. Part C of a series covering the ABCs.

The ABCs of APT - Part C: Detection, Protection and Response
October 19, 2016

What You Can Do to Help Detect, Protect and Respond to Advanced Persistent Threats

Heighten Your Security Against Advanced Persistent Threats (APT)

This is the last in the series covering the ABCs of APT. Be sure to check out parts A and B.

  1. Understand the 'Threat' in Advanced Persistent Threats
  2. Assess Your Risk
  3. Learn What You Can Do to Protect, Detect and Respond

Because APT actors use advanced methods, are well funded and highly targeted toward your organization, your best source for help is a Managed Security Service Provider (MSSP). An MSSP can often offer assistance across the full spectrum of cybersecurity and real world security to cover the five areas critical to APTs.

These critical areas include:

  1. Intelligence
  2. Visibility
  3. Operations
  4. Response
  5. Testing

In recent years, several new cyber security companies have come to the MSSP market via venture capital or other means. Some of this influx of providers is from software or hardware companies that expanded into MSSP as an add-on service. Like any other area, a history of experience is extremely helpful. In case you are wondering, SecureWorks has been specializing in cyber security since 1998.

A successful MSSP must have innovative vision and ability to execute. Each year, Gartner publishes the Magic Quadrant report that identifies top companies in the technology industry. Gartner is a reputable research company that provides information to help global business leaders make informed decisions. Since 2009, SecureWorks has been positioned in the top right area, the leader’s quadrant and considered both a leader in ability to execute and completeness of vision.

Intelligence

Get visibility into threats beyond the edge of your network

Stay abreast of Advanced Persistent Threats and other security threats to your organization. Cyber Threat Intelligence can provide you the advance notice to protect your systems, information and assets from attack.

Ask your MSSP for actionable intelligence and expert consultation in order to see beyond the edges of your network.

  • Identify Advanced Persistent Threat actors that may be targeting your organization or industry, their operations and put countermeasures in place to prepare against them.
  • Identify how your own organization may be making it easy for Advanced Persistent Threat actors to collect information they can use against you.
  • Get access to elite threat research identifying new Tactics, Techniques and Procedures (TTP) and discuss your concerns directly with expert resources, when you need them.

Services that may interest you:

  • Global Threat Intelligence
  • Targeted Threat Intelligence

Visibility

Get visibility and analysis into what's happening inside your network

Having visibility into your network from the inside-out is critical to detecting Advanced Persistent Threats and reducing their impact.

Your MSSP should help see what's happening across your environment. They should evaluate your architecture, help you recalibrate your security policies to ensure that the right information is being correlated by your team to form a view of the big picture across your networks, information and assets. If you choose SecureWorks for your MSSP, we can help you identify active intrusions by threat actors being watched by our SecureWorks Counter Threat Unit (CTU). Get alerted immediately when traffic is detected to known threats. Improve your organization's effectiveness at detecting and resisting sophisticated attacks.

Services that may interest you:

  • Managed Security Services
  • Security Monitoring
  • Managed Advanced Malware Protection
  • Managed iSensor Intrusion Prevention System (IPS)

Operations

Monitor and address Advanced Persistent Threats in real-time 24/7/365

Leaders must assess the expertise and resource constraints of their personnel and work to enhance the capabilities of the organization to monitor and address security threats in real-time.

SecureWorks can help you optimize the efficiency and availability of your security so your staff can focus on initiatives that move the organization forward. We can help you get 24/7/365 coverage of your environment and help you identify active intrusions by threat actors who are being watched by the SecureWorks Counter Threat Unit™ (CTU).

Services that may interest you:

  • Managed Security Services
  • Security Monitoring

Response

Prepare and respond to the inevitable to minimize disruption and cost

An Advanced Persistent Threat (APT) represents a sophisticated challenge that can push the limitations of your team and introduces tremendous risk and cost to your organization. It is for these and other reasons that a robust Incident Response capability is critical for any organization.

SecureWorks can help you with your "Plan B" and minimize any impact of an Advanced Persistent Threat breach of your network and systems. We can help you develop a strong Incident Response plan within your organization and test your Incident Response plan. Should you experience a breach, we can conduct a full forensics investigation to determine the full scope of the breach following evidentiary procedures and malware code analysis to understand the unique nature of the threat, as needed.

Services that may interest you:

Testing

Heighten Your Security and Adapt to Ever Changing Threat Landscape

To effectively counter Advanced Persistent Threat actors, organizations must test their defenses and capabilities regularly. Testing must be part of an ongoing program to raise the security preparedness and resiliency of security professional and employees.

SecureWorks can help you evaluate your security through testing that incorporates Tactics, Techniques and Procedures (TTP) used by hackers today.

Testing and incorporating the lessons learned represents the most effective way to continually improve your security capabilities and personnel to detect and respond to an Advanced Persistent Threat.

  • Determine the full scope of a breach.
  • Find and fix your vulnerabilities before an attacker does.
  • Increase employee's effectiveness at detecting and resisting Advanced Persistent Threat attacks.

Services that may interest you:

  • Penetration Testing
  • Social Engineering Testing
  • Web App Security Assessment
  • Mobile App Security Testing
  • Incident Management Risk Assessment
ABOUT THE AUTHOR
SECUREWORKS
Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world detection data, security operations expertise, and threat intelligence and research. Taegis is embedded in the security operations of thousands of organizations around the world who use its advanced, AI-driven capabilities to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.
Back to all Blogs

Try Taegis Today

Request a demo to see how Taegis can reduce your risk, optimize your existing security investments, and fill your talent gaps.