Some of you may remember me mentioning the 2008 SANS WhatWorks in Incident Response and Forensic Solutions Summit organized by Rob Lee. I provided the keynote and really enjoyed listening to the presentations, which Rob has graciously made available at http://files.sans.org/summit/forensics08/. One of the presentations, by Mandiant consultant Wendi Rafferty and then-Mandiant consultant (now GE-CIRT incident handler) Ken Bradley, was titled Slaying the Red Dragon.
As you can see from the first two slides shown at left, this was presentation explicitly addressed advanced persistent threat. I didn't mention it originally because it discusses a specific attack vector. However, it's been over 18 months since the presentation was made. Therefore, to show that APT is "not a new term" but also to share some technical insights, I thought it acceptable to advertise this presentation.
By the way, the presentations from the 2009 event are posted at http://files.sans.org/summit/forensics09/.
I'm sure we will discuss this topic at the 2010 Incident Response Summit and the 2010 Incident Detection Summit.
Sabtu, 06 Februari 2010
APT Presentation from July 2008
Langganan:
Posting Komentar (Atom)
0 komentar:
Posting Komentar