Thursday, March 11, 2010

APT: Should Your Panties Be in a Bunch, And How Do You Un-bunch Them?

Via Sourcefire VRT Blog -

There is no more predictable group of people than marketers. Once a term reaches a certain tipping point, they grab onto it for dear life and choke it until it means nothing. Apparently, the Advanced Persistent Threat (APT) hit that point somewhere around December. Despite the term being used by the defense industrial base for years, it wasn’t until this year that firms really started pounding the “Come to us my children, only we can save you from death by APT” drum.

This isn't to say that APT isn't real; we’ll get to that in a moment. But it dilutes and distorts the term, changing it from a euphemism for a certain group of attackers who display an uncharacteristic amount of backing, talent and motivation to a “thing” that CEOs have heard of and are now looking for the “Firewall blocks APT” checkbox. This is a disservice to those who face APT-level threats and also moves it into the “whatever” category for a lot of operational folks.


Be sure to read the full, really I'm serious, read it.

Definitively one of the more sensible articles written about APT in quite some time.

Anyone that went to RSA last week, had a front row view of the APT Marketing train. Every anti-malicious product vendor had a "Protections against APT" bullet somewhere on their booth signage. It was much pretty ridiculous...and hilarious...and sad, all at the same time.

No comments:

Post a Comment