The Challenges of Threat Detection Today
In this interview with Dark Reading at Black Hat 2016, Brian Gillooly and Roger Thorton discuss behavioral monitoring and many of the challenges that those in the security community face today.
BRIAN: And we kind of leaped over this and we have about thirty seconds. I just want to hit that issue of behavioral monitoring, so we are kind of going back to that. Give us a thought or two about how that is helping your customers.
ROGER: So the simplest way to put it is, as our detection techniques get better, the bad guys change, right? Not that many years ago you could find a bit of binary code in your network and then the antivirus found it, right? Today, that is polymorphic. Every version is going to be different. You could look at certain ports that were in use on a machine, certain IP addresses and things they are going to. This stuff is all bouncing around now. So your detection techniques need to be extracted one level higher where you are still ultimately looking for patterns, but they are not simple, signature-based patterns. They are a collection of things that you know when you see these, you have the probability of something bad going on.
BRIAN: So you get your customers one step ahead of the game by providing that kind of a service.
ROGER: Absolutely, and we do the bulk of that heavy lifting for the customers.
BRIAN: Well, Roger, thank you for joining us at the news desk. We really appreciate it. Thank you for my gift, I will definitely be wearing that later on.