By and large, individual malware strains come and go, but to stop attacks more quickly, organizations need to gain a deeper understanding of attack techniques. By analyzing the attack goals of attackers, organizations can better align their defenses to adapt to quickly changing attack techniques.
FortiGuard Labs analyzed the functionality of detected malware by detonating the malware samples collected throughout the year. The result was a list of the individual tactics, techniques, and procedures the malware would have accomplished had the attack payloads been executed. The intelligence we gathered indicates that stopping an adversary earlier is critical. Understanding adversaries’ goals is crucial to defending against the flood of changing techniques they may use. By focusing on a few identified techniques, an organization could shut down a malware’s methods for attack entirely in some situations.
This segment is sponsored by Fortinet.
Visit https://securityweekly.com/fortinet to learn more about them!
Derek Manky leads FortiGuard Labs’ Global Threat Intelligence Team at Fortinet, bringing over 20 years of cyber security experience. He has established frameworks in the security industry including responsible vulnerability disclosure, which has exercised the responsible reporting of over 1000 zero-day vulnerabilities. Manky has been with the Cyber Threat Alliance since it was founded in May 2014. For more than 15 years he has been highly engaged building public/private partnerships and supporting efforts including the CTA, FIRST.org, MITRE CTID, INTERPOL Expert Group/Gateway, and the World Economic Forum Partnership Against Cybercrime (PAC). He sits on the executive committee of the Cybercrime Atlas Initiative. His vision is applied to help shape the future of proactive cyber security, with the ultimate goal to make a positive impact towards the global war on cybercrime and threat actors.
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
