Actionable intelligence

March 31, 2013 Branden Spikes

There's some really good actionable intelligence in this report from Palo Alto Networks. I'm really pleased with the effort and the authoring of the content too; these guys really get it and know how to share the ideas.

The big things brought to light in this report are:

  • 94% of undetected malware comes from the web, and remains undetected for an average of 20 days. From my own experience, I tell people it's 80%, so this surprised me too!
  • Relatively accurate detection is possible for half of the undetected malware, by looking at any custom TCP/UDP network traffic and connections to newly registered DNS domains.
  • Some good recommendations: Investigate any outbound SMTP that isn't from your mail server.  Restrict the access capabilities of unknown, newly registered, or dynamic DNS domains.
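As an added example (not from the report or from this post), here is one way to turn two of those recommendations into a triage pass over flow records: flag outbound SMTP from any host that is not a sanctioned mail server, and flag connections to unknown or newly registered domains. The mail-server allowlist, the internal range, the 30-day threshold, the record layout and all sample data are assumptions constructed for illustration.

```python
from datetime import date
import ipaddress

SMTP_PORTS = {25, 465, 587}
MAIL_SERVERS = {"10.0.0.25"}                    # assumed allowlist of sanctioned relays
INTERNAL = ipaddress.ip_network("10.0.0.0/8")   # assumed internal address range
NEW_DOMAIN_DAYS = 30                            # assumed cut-off for "newly registered"

# Constructed flow records: (day, src_ip, dst_ip, dst_port, dst_domain)
DAY = date(2013, 3, 31)
FLOWS = [
    (DAY, "10.0.0.25", "203.0.113.10", 25, "mx.partner.example"),   # mail server, expected
    (DAY, "10.0.4.17", "203.0.113.44", 25, "mx.partner.example"),   # workstation sending SMTP
    (DAY, "10.0.4.18", "198.51.100.7", 80, "fresh.example"),        # domain six days old
    (DAY, "10.0.4.19", "198.51.100.9", 443, "old.example"),         # long-established domain
    (DAY, "10.0.4.17", "10.0.0.25", 25, ""),                        # internal relay hop
    (DAY, "10.0.4.20", "198.51.100.50", 587, "nowhois.example"),    # no registration record
]
# Constructed registration dates; in practice these come from a WHOIS/RDAP feed.
REGISTERED = {
    "mx.partner.example": date(2005, 6, 1),
    "fresh.example": date(2013, 3, 25),
    "old.example": date(2009, 1, 15),
}

def is_outbound(src, dst):
    """True when an internal host talks to an address outside the internal range."""
    return (ipaddress.ip_address(src) in INTERNAL
            and ipaddress.ip_address(dst) not in INTERNAL)

def triage(flows, registered, mail_servers=MAIL_SERVERS):
    """Return (src, destination, port, reasons) for each flow worth investigating."""
    findings = []
    for day, src, dst, port, domain in flows:
        if not is_outbound(src, dst):
            continue
        reasons = []
        if port in SMTP_PORTS and src not in mail_servers:
            reasons.append("smtp-not-from-mail-server")
        reg = registered.get(domain)
        if domain and reg is None:
            reasons.append("unknown-domain")
        elif reg and (day - reg).days < NEW_DOMAIN_DAYS:
            reasons.append("newly-registered-domain")
        if reasons:
            findings.append((src, domain or dst, port, reasons))
    return findings

if __name__ == "__main__":
    for finding in triage(FLOWS, REGISTERED):
        print(finding)
```
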

It's really nice for us to see data like this support our tenacious efforts at Spikes.  

-B

Branden Spikes, CEO, CTO and Founder, Spikes Security
