Guidance Software to Highlight Inside-Out Security Framework at Black Hat USA
- 31.07.2015 01:00 am
Guidance Software, Inc. (NASDAQ: GUID), makers of EnCase®, the gold standard for digital investigations and endpoint data security, today announced the publication of its vendor-agnostic Inside-Out Security Framework and will discuss it at Black Hat USA2015. Researchers will demonstrate how taking an Inside-Out approach to information security enables active defense to combat today's advanced threats, such as the proliferation of remote access terminal (RAT) malware types like those seen in recent commercial and government data breaches.
"Security teams are grappling with the complex challenge of spotting custom or zero-day malware variants that have been instrumental in some of the most widely publicized cyber attacks," said Scott Crawford, Research Director of the Information Security practice at 451 Research. "The Inside-Out Security Framework offers an actionable example of a process that illuminates the critical blind spots of traditional, perimeter-focused approaches."
The Inside-Out Security Framework breaks the security planning process into four phases:
- Know Yourself: Create a security plan, build a baseline, identify your blind spots, and close the gaps.
- Detect: Detect known threats, then detect unknown threats.
- Respond: Automate response, enable remote investigation, analyze malware, and determine scope.
- Recover: Remediate, verify and update, enrich data, and repeat.
"Knowing yourself" involves gaining visibility to all the places where sensitive data is stored on network endpoints. Security teams that do this are better equipped to respond quickly when anomalous activity is taking place there. For example, the ability to spot an unauthorized or unusual connection to a remote IP address can serve as a trigger for a team to search for unusual activity and indicators of compromise on the endpoint in question, including the forensic artifacts that RAT malware cannot avoid leaving behind.
"Our vision is to help companies and government agencies spot unknown threats earlier in order to prevent data breaches. Inside-out security approaches put the focus on knowing your endpoints and protecting the information assets that reside there," said Roger Angarita, Director of Product Management at Guidance Software. "Our research confirms the message in headline news: perimeter-focused security approaches aren't keeping determined hackers out of our networks. It's time for security teams to take an inside-out security approach using deep and rapid endpoint intelligence from inside the firewall."
Guidance Software will be presenting the Inside-Out Security Framework and a demonstration of RAT malware capture at Black Hat USA 2015. For more information on the Inside-Out Security Framework or to see a demonstration of the RAT-hunting process, visit booth #641 in the Black Hat Business Hall on August 5-6, 2015.