Does anyone employ active threat countermeasures at your company and if so what do you use?

Threat & Vulnerability Management
28.9k viewscircle icon6 Upvotescircle icon24 Comments
Sort by:
Director of IT in Energy and Utilities2 years ago

We use Deception technology at our perimeter and on our internal network.   Perimeter protection works extremely well.  It also takes a considerable load off the firewalls which in turn greatly reduce the logs being generated which leads to reduced expense in logging solutions.  Product is PacketViper

Director, Infrastructure and Security in Travel and Hospitality6 years ago

Ips ids in our firewalls

Lightbulb on3
CIO in Services (non-Government)7 years ago

We do not.

Lightbulb on1
Director, Infrastructure & Security in Construction7 years ago

We use services from SecureWorks – they have intrusion detection/prevention tools installed at the perimeter of our network and they are integrated into our firewalls and logging at the perimeter too – If they detect a threat or believe there is an exploit happening they can deploy blocking at the firewall and in their intrusion prevention system (blocking on the network). We also use CrowdStrike tools on key endpoints – high risk clients and our servers have their agents deployed.  This is connected to their monitoring service – which can take active steps to stop an incident if needed (taking a compromised client off the network, blocking traffic to other clients, etc.). We do not have any “hack back” tools or techniques deployed, but we do actively respond via a combination of network and client systems and services.

Lightbulb on1
VP of Global IT and Cybersecurity in Manufacturing7 years ago

Cisco umbrella, sophos, hardened endpoints.

Content you might like

With Gartner highlighting the urgency of post-quantum cryptography (PQC), I would like to know if there are other members of the group already involved in the discussion or in the planning to face the threat of attacks like 'harvest-now, decrypt-later'?

How are companies doing Unified Vulnerability Management? The idea is bringing all inputs (AppSec, DevSecOps, VM scanning, asset discovery etc) into one platform.  Instead of creating a homegrown solution, are there vendors that do this well?

In the past 6 months, have you seen an uptick in targeted cyberattacks on telehealth devices and networks?

No Increase17%

1-5% increase46%

6-25% increase24%

26-50% increase7%

51-75% increase1%

76%+1%

Other2%

View Results

What is the vulnerability remediation timeline you have adopted for CVSS >= 7.0 vulnerabilities which are only exposed to your Intranet users (not Internet)?

Between 6-12 months13%

Between 3-6 months30%

Between 2-3 months19%

Between 1-2 months15%

Between 2 weeks to 1 month12%

Between 1-2 weeks4%

Between 0-1 week5%

View Results

Is red teaming a better way to demonstrate security needs to the board than traditional compliance audits?

Read More Comments