Sunday, March 28, 2010

Commercial products against APT -- useful or useless?

If money is not an issue to your company...

Here are some commercial products that could help in identification (and possibly remediation) of APT infections:

If you have experience with these products or know of other solutions along these lines, please contact me.

In this blog I would like to explore how to identify APT infections with freely available tools (like the ones from Mandiant and others) and maybe custom scripts.

Mandiant's webinar "Fresh Prints: Malware Behaving Badly" covers some details that I would like to dive into. The "Malware Rating Index" (MRI) in the free software Audit Viewer sounds interesting.

*** Disclaimer: I'm not affiliated with any of the companies linked in this blog ***
