Enterprise Networks; Advanced Malware Detection
The Case for Advanced Threat Protection in the Enterprise
ISC8’s Cyber adAPTTM implements a sensor-based, near real-time forensics technology that identifies malware threats ahead of perimeter solutions, before devastating damage or critical data theft can occur.
This case study describes a variety of real-world scenarios that have come from customer interviews, customer trials and published data breaches in North America and Europe. The customer is a member of the Global 2000 with a large corporate network and many external vendors and suppliers.
The customer is looking for a solution to increase its security profile since multiple partners have access to their network through a Virtual Private Network (VPN). It is also concerned with the detection of hidden malware or Advanced Persistent Threats (APTs), which may breach their perimeter defenses in the future or might currently exist within the network core. These types of attacks may be instigated by a nation-state or other advanced attackers with a sophisticated set of tools and tactics to exploit a network’s security infrastructure. In the diagram below, the types of threats can come from traditional methods of attack, but also may come via a partner that has authorized VPN access into a subset of the core network.
The customer achieved a cost-effective solution through the implementation of Cyber adAPT from ISC8. Furthermore, the ISC8 solution has increased the organization’s confidence that the ongoing use of the VPN by outside partners will not compromise their network security. Additionally, Cyber adAPT has given the customer the tools that were used to quickly identify and eliminate several instances of advanced malware already existing within the core network. Finally, the customer was able to trace certain breaches back to the responsible parties, whether through negligence or malice.