Reviews

Defending Against the Inevitable – Layered Security and the Attack Chain

The VIPRE Security Group

VIPRE Security Group is a cybersecurity company that specializes in providing antivirus, anti-malware, and internet security solutions for individuals and businesses. VIPRE offers a range of security products and services designed to protect against various online threats, including viruses, malware, ransomware, phishing attacks, and other cyberattacks.

The speakers at this webinar were as follows:

  • David Kralite, the Vice President of Product Management at Vipre Security Group.
  • John Trest, responsible for the strategic product vision at Inspired eLearning, powered by Vypr.
  • Oliver Patterson, an IT security industry veteran with over 12 years of experience.

The focus of the session was on the attack chain and the different points of a typical attack. Research indicated that 50 to 80% of all attacks begin with an email targeting the end person’s device.

Attackers have become increasingly skilled at crafting convincing emails that lure users into clicking on malicious links or files.

A breakdown of the attack chain was presented:

Email as the Entry Point

Attackers can disguise emails as legitimate notifications from well-known companies like Amazon or Microsoft. The initial email might not contain malicious content but can be compromised after delivery.

User Interaction

After the email is delivered to the user’s inbox, the user might click on a link or open an attachment, which could lead to the download of malicious code and additional components. This type of attack is common in organizations, with approximately 90% of respondents reporting similar experiences.

It was emphasized that understanding the different layers of protection needed to safeguard environments from these threats is crucial.

At Viper, the different layers of protection and their impact on mitigating threats were visualized. By implementing multiple layers of security, organizations can significantly lower their vulnerability to attacks.

A live demonstration showcased Viper’s email security solution, featuring link analysis, remote browser access, and remediation capabilities. These tools enable administrators to analyze and remove malicious content from users’ mailboxes, thereby strengthening the organization’s security posture.

John Trest then presented the human defense layer, which includes phishing simulation and security awareness training. He demonstrated how Viper’s platform can simulate phishing attacks and automatically deploy remedial training to users who fail the simulations.

The session underscored the importance of understanding the attack chain and implementing strong security measures to guard against evolving threats.