Uncover advanced attacks and detect breaches

At-a-glance
Uncover advanced attacks and
detect breaches
Advanced Compromise Assessment from HP and Mandiant
Protect your business from reputational damage, data
exfiltration, and financial loss by evaluating if your business has
been compromised and the attackers are still active.
Insights
• Nearly 25% of all
advanced attacks target
the retail and financial
services industries.1
• The average time for
organizations to detect
a breach is 205 days.2
• 69% of breaches are
reported by a third
party.3
You need to understand the risk of a
cyber-attack on your business, personal,
financial, and proprietary data. The cyberthreat landscape is rapidly evolving, and
the sophistication of attacks has increased.
And worryingly, the sources of attacks are
now from highly motivated, well-funded
adversaries often supported by crime
syndicates and nation states. This new
generation of cyber-attacks is highly targeted
and seeks to remain undetected in order to
perform cyber-sabotage activities or acquire
intellectual property, financial data, and
confidential or sensitive personal information
over an extended period of time.
Traditional security controls, such as firewalls,
intrusion prevention systems, anti-virus, and
web gateways—although still necessary—are
no longer sufficient. They are failing to protect
enterprises from these advanced targeted
attacks and the broader problem of advanced
malware. They rely on signatures and known
patterns to identify and block threats but are
ineffective in detecting unknown threats.
andiant (FireEye) M Trends, A View from the
M
Front Lines, 2015 Report
2
Ibid
3
Ibid
1
This leaves a significant gap in network
defenses, leaving enterprises vulnerable
to zero-day and targeted advanced
persistent threat (APT) attacks with their
custom-developed malware. Once inside
an organization, the malware uses several
persistence mechanisms seeking to remain
completely undetected. It can then infect other
endpoints, allow further reconnaissance, steal
credentials and data, or simply lie dormant
until the attacker is ready to strike.
Know your risks, gain
visibility, and protect
You know that your organization is under
constant threat of attack, but you don’t know
how at risk you really are. You have tight
security control over your corporate assets
but need assurance that threats aren’t lying
dormant within your network or evading your
protective measures.
Combating these advanced threats and
persistent adversaries requires a new
approach and security model. The model
needs to be real time and proactive, and
you must have the capability to respond
immediately and effectively to advanced and
highly targeted threats.
At-a-glance | Advanced Compromise Assessment
from HP and Mandiant
Take steps before it’s too late Team with security specialists
The first step is to gain visibility of the present
state of dormant and active live threats within
your network environment and across your IT
asset estate.
The Advanced Compromise Assessment from
HP and Mandiant consists of consultancy-led
services that help you detect, prevent, and
manage the risk from cyber-security incidents
and provides warning of potential security
breaches caused by advanced persistent threats.
The service combines HP and Mandiant
experience and methodology, developed over
hundreds of investigations, the latest threat
intelligence, and specialized knowledge of
advanced attacker’s tools and techniques.
We work with you to evaluate which systems
and networks might have been compromised
by stealthy and sophisticated advanced threats
and zero-day malware. Through the temporary
deployment of FireEye proprietary network
and host-based inspection technology focused
in APT detection, we search for signs of
compromise to determine if attackers have
been active in the past or are currently active,
and identify infected assets.
We also perform anomaly detection,
identifying which systems and network traffic
have different attributes from those typical in
the environment. When signs of compromise
or anomalies are identified, our team analyzes
relevant data using a wide range of log
and malware analysis skills and forensics
expertise. By combining this information with
unique threat intelligence, we confirm findings
and eliminate false positives.
The last stage of the Advanced Compromise
Assessment service provides you a
comprehensive and structured report that
explains in detail our approach, summarizes
all key steps, and presents key findings and
recommendations. This information enables
you to make the right business decisions and
increase your security posture.
We help enterprise and government clients
protect what matters. By understanding your
critical operations and mission-driven needs,
we work with you to ensure information
security within your organization. We provide
consulting services to assist with your security
strategy and help design and deploy your
security improvement programs.
We deliver integrated, innovative, and trusted
security solutions that are proved to reduce
business risk. And our managed service
extends your team’s capabilities, delivering
operational security efficiency, improving
your security posture, and maximizing your
investment in information security.
HP and FireEye security consulting and
managed service operations incorporate:
•A joint reference architecture that includes
FireEye and HP offerings
•Unparalleled global reach, expertise, and
access to security remediation—underpinned
by best-in-class technology, methodologies,
and incident response expertise
•Combined global, machine-based threat
intelligence and incident response analysis
from millions of network and endpoint-based
sensors, hundreds of incident response
engagements, and billions of security events
•FireEye proprietary technology to automate
investigative activities for hosts and network
traffic, enabling rapid assessment for even
the largest and most complex networks
•Expert teams available 24/7 to deliver
incident response to critical security breaches
•Globally available, state-of-the art forensic
laboratories and testing facilities
No matter where you are, or how big your
organization is, we can help you protect critical
information and processes while keeping your
operations flexible, efficient, and responsive.
Learn more at
hp.com/go/fightback
© Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change
without notice. The only warranties for HP products and services are set forth in the express warranty statements
accompanying such products and services. Nothing herein should be construed as constituting an additional warranty.
HP shall not be liable for technical or editorial errors or omissions contained herein.
April 2015
This is an HP Indigo digital print.