We have all seen that advanced malware and attack chains continue to increase in sophistication. Ongoing DDoS attacks, advanced malware evolving to avoid sandbox detection or mobile malware establishing a foothold are just a few of the issues that the information security field - and IT sector in general - must confront. Today's enterprise networks are truly extended, including all endpoints, mobile and virtual, that extend to wherever employees and data are located, meaning mobile and virtual security are legitimate concerns.
An example of this can be seen in Verizon's mod recent Data Breach Investigations Report, which says that some 66% of breaches "take months or more to discover." As an industry, we have to consider the full attack continuum, considering security as more than just defeating attackers before and during attack, but even after a successful attack has bypassed our defenses.
To offer more information for the security professional, Sourcefire and Network World have teamed to create and publish the Security Chalk Talks video series. Posted every few weeks, this series of educational video content will cover important security concepts, ensuring that the understanding of threats and security keeps pace with the sophistication of the threats themselves.
Our first installment examines the advances seen in the firewall in recent years, now widely known as "Next-Generation Firewalls (NGFW)". The video examines the newest aspects of NGFWs, and we'll dive into additional threat-focused NGFW features in part two.
We have witnessed the continual adoption and use of new applications at work - whether it's a productive web app for online meetings, or a productivity-draining and risky Torrent site. Attackers to their best to take advantage of new attack vectors. Advanced firewall features like application and user identification policies and acceptable use policies provide IT organizations with control over constantly proliferating applications, as well as reduce the attack surface available to hackers.
The video series will also focus on topics such as root kits, the evolution of malware, history of viruses, rise of mobile malware and threat taxonomies, among others. If you have suggestions for topics, feel free to let us know in the comments section.