by Frank Leonarad
There are a number of new technologies emerging that may start to see wider adoption in 2018. For example, the use of “remote browsers” can be helpful for isolating a user’s browsing session from the network/endpoints.
Deception technologies, which work by imitating a company’s critical assets, act as a trap for attackers looking to steal this data.
There will also be an increase in the use of solutions which can detect and respond to anomalous behaviour. Firstly, there are Endpoint Detection and Response (EDR) solutions, which can monitor endpoints and alert sysadmins to suspicious behaviour. Secondly, Network Traffic Analysis (NTA) can be used to monitor network traffic to help determine the type, size, origin, destination and contents of data packets.
Thirdly, and very importantly, more and more companies are starting to adopt sophisticated real-time change auditing solutions, which can help companies secure critical assets in numerous ways. For example, they can help detect and respond to user privilege abuse and suspicious file/folder activity, based either on a single event alert or on a threshold condition. They can detect account modifications, deletions, inactive user accounts, privileged mailbox access and a lot more.