Detecting malicious behavior blended with business-justified activity

December 3, 2018

With organizations moving to the cloud and remote workers becoming the rule rather than the exception, the definition of the network is changing. Add to this the increasing use of IoT devices, encryption and engagement in shadow IT practices, and it’s easy to see why organizations have trouble keeping their network and systems secure.

What’s more, attackers are changing tactics. They rely less and less on malware and are shifting their focus to stealing legitimate credentials and living off the land, using tools that are already deployed in the environment: scripting languages like Python, system utilities like PowerShell, WMI or PsExec, or Microsoft Office macros.

Read More on Help Net Security