TARGETED INTRUSION REMEDIATION: LESSONS FROM THE FRONT LINES

No ratings

Presented at Blackhat Abu Dhabi 2012 by

Jim Aldridge

Successfully remediating a targeted intrusion generally requires a different approach from that applied to non-targeted threats. Regardless of the remediation actions enacted by victim organizations, experience has shown that such threats will continue to target certain organizations. In order to be successful against these types of threats, organizations must change the way they think about remediation. This presentation outlines a model to guide tactical and strategic security planning by focusing efforts on the following three goals: Inhibit attackers activities. Enhance visibility to detect indicators of compromise. Enhance the security teams ability to effectively and rapidly respond to intrusions.