Is Your SIEM Real Shady?

August 9, 2011

Is it just me, or does anybody else smell a Rat?  The reporting, by McAfee, of an alleged 5-year cyber attack code-named Shady Rat earlier this week raises some interesting questions:

▪   How did such a widespread attack go unnoticed by so many organizations for so long?

▪   Is an attack only Advanced and Persistent if it uses new, previously unseen vectors with which to penetrate and wreak havoc?

▪   Are current SIEM tools still the most effective way to monitor network security in a landscape where there is no common attack signature?

Most importantly, and the question that CISOs and Security Analysts around the world will be spending much time contemplating: just how do they best guard against a cyber attack and give themselves the best chance of either repelling it or minimizing its impact?

We believe it’s time for a change.  In the coming weeks we’ll be answering these questions and others – and explaining why we believe there needs to be a fundamental shift in the way that

@VanityFair provides a comprehensive overview of Operation Shady Rat in its piece ‘Enter the Cyber-Dragon’ by @M_J_Gross
