Friday, September 30, 2011

Comments

tellin it like it is

Excellent post! Bulk Malware Analyzers are part of a larger requirement and can't address what was stolen, only how the actor entered the wire. Yes, they are valuable for threat ID, but for operational best practices they should only be used in a near-line capacity. Putting one in-line would limit a network's/users' throughput dramatically. More importantly, most have a secret hash list used for comparative threat analysis to determine what to look at, which, given the nature of polymorphous malware trends, is a severe limiting factor.
