Practical audit advice you can use today.
# 18 : Detecting APT and Malware through Baseline Auditing
I've been saying for years that Change Control is one of the most critical processes in our enterprise and the one that we most often fail to follow. When you consider the 20 Critical Controls, you'll find that at least 5, and likely more, are directly related to how well you know the systems in your business. In fact, if you know your systems well, you are poised to discover any 0-day infections and almost any APT-like (Advanced Persistent Threat) threat. How can you know your systems well? Watch this webcast for a demonstration!
The Show Notes for this episode along with copies of the scripts demonstrated can be obtained here: http://it-audit.sans.org/blog/2011/10/11/detecting-apt-and-other-zero-day-malware-through-service-auditing/
© 2011, David Hoelzer & EnclaveForensics