Threat Protection vs. Threat Detection
Date: February 24, 2013
By: Aaron Delp and Brian Gracely
Description: Aaron and Brian Katz (@bmkatz) talk with Simon Crosby (@simoncrosby, Founder/CTO at Bromium) about the landscape of security threats on the Internet, recent high-profile hackings, and an update on how Bromium vSentry is setting the new benchmark for security lab results and protection.
Topic 1 - Tal Klein (@VirtualTal put up a great post this week about NBC.com getting hacked. Tell us a little about that day and your analysis of that attack in real time. (Key take away, Bromium used their production, corporate laptops, not an isolated lab environment). Tal’s comment: Browsing the web without fear of compromise. Link: http://blogs.bromium.com/2013/02/21/so-nbc-com-got-hacked-so-what/
Topic 2 - The bigger story of the week is your NSS labs testing results. You also did a post on that and you did very well. You mention the bar has been raised in the threat protection (instead of detection) industry. Who is NSS Labs and why is this so important. Link: http://blogs.bromium.com/2013/02/20/cyber-rattling-is-a-convenient-excuse-for-security-vendor-failures/
Follow Up: Has anyone ever scored 100% before?
“NSS Labs testing verified that Bromium vSentry managed to defeat and automatically remediate all attacks, including 166 embedded exploits delivered via email to Microsoft Outlook®, 153 drive-by attacks delivered via HTTP and HTTPS, and 15 advanced attacks using the Metasploit penetration testing toolset that incorporated advanced obfuscation and evasion techniques in an attempt to bypass protection.”
(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)