How Are AETs Bypassing Your Current Network Security?
Whilst the industry has known about Advanced Evasion Techniques for some time now (we’ve all heard of WannaCry…), it is still surprising to see that the results for NSS Labs’ most recent NGFW test in 2017 show that on average, only 67% of AETs are detected and blocked by next gen firewall devices. Pleasing however, to see that NETprotocol’s chosen technology has the highest protection rate of 99.95% effective.
With GDPR compliance a hot topic for law firms at present, network vulnerabilities have to be addressed. Without doing this, how can compliance be achieved? As no matter what measures are taken, your data won’t be secure.
Understanding How AETs Work
Our preferred vendor for network security – Forcepoint, has lead by example within this field and infact wrote a book on AETs to help educate the sector; Advanced Evasion Techniques for Dummies. AETs in effect manipulate the underlying transport of information over the network, in order to breach inspection systems and enter your IT infrastructure. More and more, they’re being used in cyberattacks to carry exploits and malware that otherwise might have been caught by conventional networking devices.
For example, one type of evasion splits malware into pieces that are transmitted out of order. Defenses that aren’t designed to protect against advanced evasions don’t see the malware and let the mixed up traffic through. Once inside your network, the malicious code gets reassembled and can attack your servers, databases, and users.
And That’s Just the Beginning…
Cyberattackers can use these sorts of tricks across different layers of the network stack and can dynamically shift from one to another. Multiple evasions are often used together, resulting in millions of possible combinations. An effective AET defense makes it possible for inspection engines within network security devices, to see the malicious code and take appropriate actions.
How To Defend Against AETs
First things first, you need to assess your network security posture, so that you can see whether your security controls are up to the task of blocking emerging advanced threats. This is easier than you may think – with Forcepoint’s free software based testing environment for evasions, which allows you to see how well your firewalls and intrusion preventions systems (IPSs) defend against these threats.
Evader runs in both virtual and physical environments. It includes two static exploits and a controlled set of dynamic AETs and through using this tool, it becomes immediately obvious whether or not your network security device is protecting against AETs. WATCH HOW IT WORKS HERE >>
Forcepoint NGFW pioneered AET defenses and has spent years honing their firewall to provide unrivalled effectiveness in defeating evasions through their global research team, which is continuously on the lookout out for new threats to detect and new ways to protect clients worldwide.