A new category of threat is emerging – a threat designed to evade traditional signature-based technologies such as Anti-Virus and Intrusion Detection. Attempting to meet the challenge is a new class of technology, “Advanced Malware Protection” or “AMP,” an industry term for technology designed to continuously monitor for files, offload them, and detonate them in a sandbox, safely away from the main environment, to observe and detect malicious objects.
If a security device produces an alert in the forest, who’s there to hear it?
The challenge is that these next-generation advanced malware detection solutions produce so much detail about the suspicious activity that most organizations do not have the resources to investigate and analyze it thoroughly. The best technology means nothing if you don’t have the right expertise to react to the alert, quickly decipher complex reports, investigate the threat, and determine the right response. And meanwhile, the threat actors aren’t standing still – they’re developing measures to circumvent controls in some traditional sandbox environments.
You will learn:
- How the threat is evolving and how actors are employing evasive practices to overcome traditional and even some more sophisticated security defenses
- Why next-generation sandboxing and full-system emulation are the keys to combating evasive malware threats
- The expertise needed to accurately identify and diagnose the threat once the alert is received
- How to ensure your organization has the ability to respond effectively to the incident and close all the back doors a threat actor may have opened