Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Finding Threats on Your Network: Hunt or Be Hunted

Is your network secure right now? Have any of your PCs or mobile devices been compromised? Before you even attempt to answer these questions, you need to pause and ask yourself: Can you actually answer either of these questions with any degree of certainty? Think hard about that one—because your job may depend on it.

According to the recent Verizon Data Breach Investigations Report (DBIR), the average time it takes for an organization to detect a compromise or to discover an attacker inside its network is measured in months—and sometimes years—rather than hours or minutes. With many of the major data breaches in recent years, the company found out about the attack the hard way—with a phone call from a credit card merchant or the FBI reporting stolen customer data being exposed or used in the wild.

The traditional security model is no longer working

The problem is a function of the traditional approach to security. The standard model employed by most organizations for the last decade or more is broken, and it’s time for a new strategy that focuses less on prevention. You need to look at security through a lens of shortening that time to detect a compromise and actively hunting for threats.

It's time for a new strategy that focuses less on prevention

It isn’t really a secret that the perimeter is dead. The concept of “inside the network” and “outside the network” and the idea that you can protect your network and data by simply keeping the bad guys out has been an outdated strategy for some time now. The explosion of mobile devices and BYOD (Bring Your Own Device) programs and the rise of cloud services have effectively removed whatever wall might have previously existed between your network and the bad guys.

The threat landscape has changed

Even if that was not the case, the reality is that the threat landscape shifted as well. While organizations were busy trying to harden the network perimeter, cyber espionage malware attacks like Stuxnet, Flame, and Duqu were silently spreading … undetected. While IT admins have been busy looking for unauthorized access and trying to keep the bad guys out, the attackers have been stealing credentials and logging in with valid usernames and passwords.

The vast majority of network compromises and data breaches have the appearance of authorized activity

The reality is that the vast majority of network compromises and data breaches have the appearance of authorized activity. Whether it’s an inside job by a disgruntled employee, or an external attacker using a username and password captured in a phishing attack, what you see on your network is an authorized user with valid credentials. The crucial key isn’t whether the authentication itself is valid, it’s whether the access is common behavior, and whether the actions taken once the access is granted seem normal or suspicious.

Transform security

How can you defend your network and data against current threats? Effective security comes down to three things: visibility, context, and action. You have to pay closer attention. You need tools in place that can actively monitor all of the endpoints and devices on your network—that can combine business intelligence and threat intelligence to provide context and help you identify suspicious or malicious activity.

How Tenable can help

Tenable SecurityCenter Continuous View™ (SecurityCenter CV™) gives you the tools and information you need to proactively tackle the threat hunting problem and address compromises before they become breaches. SecurityCenter CV provides comprehensive visibility and critical context to enable you to quickly take effective action. 

Don’t wait for the FBI to let you know your network has been breached. Don’t expect traditional perimeter security and anti-malware defenses alone to protect you. Adopt a new approach to security and actively hunt for threats before they hunt you.

Adopt a new approach to security and actively hunt for threats before they hunt you

For more information, read about Tenable’s Threat Hunting solution. And watch the Tenable Blog this month for more articles about Threat Hunting.

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training