By now you have probably heard more than you thought you would on the Advanced Persistent Threat (APT). You know what the attacker looks like, how they hide in plain sight within an environment, the motives behind the attacks, etc. Now that you know of the APT, how do you fight back?
During this State of the Hack presentation, MANDIANT’s Christopher Glyer and David Damato discussed what steps to take the first time that you detect, or are notified by law enforcement of, systems compromised by the APT within your environment. Christopher and David focused on initial steps to take, as well as some longer-term recommendations on how to deal with this threat on an ongoing basis.
In the webinar, we referred to several resources:
Christopher Glyer is a Manager at MANDIANT. He has over eight years of experience in computer and information security, including enterprise-wide incident response investigations, secure network design and architecture, penetration testing and strategic corporate security development. Mr. Glyer has led incident response teams in multiple Advanced Persistent Threat and card data theft compromises.
David Damato is a Manager at MANDIANT. For almost 10 years he has performed professional consulting services for both commercial organizations and the federal government. His core competencies include information security testing, network design, and incident response. Mr. Damato is a contributing member to the SANS Top 20 List and remains active on network and security working groups throughout the government and industry.