
Fight malware by spotting the top eight indicators of threat traffic in your network

02 May 2017

80% of cyber attacks are via malware, phishing and advanced persistent threats (APTs). 60% of organisations are focusing their endpoint security strategy on protecting data rather than devices, which means malware still finds a way into your networks.

LogRhythm says there are eight main indicators of compromise that you can identify in your network. You can use each of these indicators to detect compromised systems.

But first, you need the right tools. Network analysis tool? Check. Network tap or network switch? Check. 

The focus is largely on outbound traffic, which means analysis can take place in your demilitarized zone (DMZ) or inside your firewall.

LogRhythm reveals the details in a white paper called ‘Detecting Compromised Systems: Analyzing the Top Eight Indicators of Threat Traffic’.

  • What the eight indicators of compromise are and how you can monitor them
  • Exclusive insights about some of the common attack methods like outlier traffic, DNS and ICMP tunnelling 
  • What you must do to eliminate false positives 
  • Malware’s two main weaknesses and how you can exploit them