
Fight malware by spotting the top eight indicators of threat traffic in your network

02 May 2017

80% of cyber attacks are carried out via malware, phishing and advanced persistent threats (APTs). 60% of organisations are focusing their endpoint security strategy on protecting data rather than devices, which means malware still finds a way into your networks.

LogRhythm says there are eight main indicators of compromise that you can identify in your network. You can use each of these indicators to detect compromised systems.

But first, you need the right tools. Network analysis tool? Check. Network tap or network switch? Check. 

The focus is largely on outbound traffic, which means analysis can take place in your demilitarized zone (DMZ) or inside your firewall.

LogRhythm reveals the details in a white paper called ‘Detecting Compromised Systems: Analyzing the Top Eight Indicators of Threat Traffic’, which covers:

  • What the eight indicators of compromise are and how you can monitor them
  • Exclusive insights about some of the common attack methods like outlier traffic, DNS and ICMP tunnelling 
  • What you must do to eliminate false positives 
  • Malware’s two main weaknesses and how you can exploit them