APTs and related malware present some of security's biggest challenges. Enterprises should do everything possible to prevent infections; but, the reality is advanced threats will get through. Once the network becomes infected, it becomes a resource-intensive race to uncover the infection and mitigate the damage.
This webcast, based on a new SANS product review, will examine Damballa's approach to automating breach defense to hasten mitigation. Damballa Failsafe actively examines network traffic in real-time and documents historical behavior. Using multiple detection and risk profilers, Failsafe collects and analyzes evidence and presents precise information about infected devices. Responders can quickly prioritize their response to high-risk devices and block others until they can get to them.
In the webcast, SANS Analyst Jerry Shenk reviews how Damballa Failsafe can be the last line of defense to alert you when devices have been compromised and can provide a forensic trail to show when the attack happened; what evidence there is that the attack was successful; and often, where the attack came from.
Click here to view the associated whitepaper.