Atp Sophos



Advanced Persistent Threats (or APTs) are a kind of malware that can go undetected for long periods of time, waiting for the opportunity to strike, and leaking out your data secretly. To help you understand how APTs work, we created an interesting infographic showing the lifecycle of an APT.

Atp Sophos Xg


The ATP feature in Sophos XG Firewall analyses all inbound and outbound network traffic (DNS requests, HTTP requests, or data packets in general) for possible threats. The database used to identify threats is updated constantly by a CnC/Botnet data feed from Sophos Labs through signature updates. Using ATP, you can quickly detect compromised clients in your network and either raise an alert or drop the traffic from those clients. To turn on advanced threat protection, click the on/off switch. When you turn it on, the following settings can be configured: General settings.

The APT lifecycle starts with an entry point on your computer network — perhaps by an infected USB device, a phishing email, or a drive-by download — before it calls home for instructions on what to do next.

Once the APT has its marching orders from the command and control (C&C) server, it begins to spread through your network, calling home with interesting data, and hiding itself from detection.


Infographic: Advanced Persistent Threats Uncovered

Advanced Threat Protection in UTM Accelerated (9.2)

Advanced Threat Protection in Sophos UTM Accelerated (9.2) is not just a single technology — instead, it provides layers of protection for a defense in depth.


You still need your “standard” protection in place and kept up to date. That means you need the technology to protect you from viruses, email spam, web and other malware, phishing attacks, and more. Those are still the most common tools used in the initial stages of a targeted APT attack.

If you want to find out more about how APTs work and what you can do to protect yourself against them, download our free whitepaper (registration required).

Presentation (Video): A Pragmatic Approach to Advanced Persistent Threats


Security expert John Shier and senior product specialist Barbara Hudson explore how today’s targeted attacks typically work and what kind of protection is available to help reduce the risk of an attack.