December 22, 2010
The Triumfant blog has been up and running for two years now and I am always flattered that anyone would take time from their day to read a post. As we end the year, I thought I would post a list of the top 10 posts for the year, as determined by the number of views.
This post is about how Triumfant uses its unique approach, change detection and contextual analysis, to see the attacks characterized by the Advanced Persistent Threat.
This is one of my favorites and addresses a critical concept: the reporting from your current defenses will obviously not tell you what attacks are getting through. The "see no evil" approach does not mean that you are not getting attacked.
There are any number of reports and studies that clearly show that AV detection rates are bad and getting worse. So what are organizations doing about that fact (if anything)?
This post followed a spirited exchange in the blogosphere and twitterverse about the term Advanced Persistent Threat and whether APT is more about the adversary or the attacks. This post was my entry into the conversation.
2010 was a tumultuous year for the security industry and these two acquisitions are at the front of that tumult. This post is my take on what these acquisitions mean and what happens to smaller companies when subsumed by larger ones.
Another post that follows yet another study on AV detection rates. The goal was simple: there are lots of these reports and studies published, but very little pragmatic assessment of what they mean with regard to risks for the organization.
Remember back before Stuxnet? When Operation Aurora hit, I got lots of inquiries about whether Triumfant would have detected the attack. Because none of our customers were hit by the attack, our CTO Dave Hooks broke down all of the data on Aurora and created this in-depth case study.
This was written as a bit of a joke but reflects my many years of exhibiting at the RSA show. It was one of those posts that sounded good when written, but gives pause before you post because of the fear that it will be funny to no one else but you. I was pleased with the spirit in which it was received.
This post dug into the concepts of security configuration management in depth and provided a pragmatic conversation about the approach of Triumfant that includes our normative baseline and our automated remediation capabilities.
This very recent post grabbed a significant number of views faster than just about any other post. The post discusses the ability of Triumfant to deliver agent-level precision with the power and context of server-based analysis.
So there you have the top ten as voted by you, the readers. Thank you for reading and the feedback you provide. Have a great holiday and a Happy New Year.