O'Reilly logo

Hacking the Hacker by Roger A. Grimes

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

16Profile: Michael Dubinsky

I’m a long‐time, big curmudgeon about almost all computer security products. It’s hard to be anything else after seeing malware and exploitation seemingly get easier over two decades, especially with almost every new security product failing to meet its initial hype. I get paid to review computer security products for a living, and I often get pitched as many as twenty new products a day. If I see one product a year that seems like it might actually do what it says it can do and might have a significant impact on reducing risk, I get ecstatic. I often go years without seeing a capable, interesting product. My criticism often applies to my employer’s products as well.

With that said, I’ve truly been blown away by Microsoft’s new Advanced Threat Analytics (ATA) product. I would love it no matter who makes it. ATA uses truly advanced event and network traffic analytics to recognize active threats, including those that many security experts thought would be difficult to detect, like pass‐the‐hash (https://en.wikipedia.org/wiki/Pass_the_hash) or golden ticket (http://www.infoworld.com/article/2608877/security/fear‐the‐golden‐ticket‐attack‐.html) attacks. After watching it in action and seeing it mature over time, it’s so good that I want to quit what I do for a living and solely work to promote ATA. That’s not hyperbole. I would change jobs if they offered the opportunity. It’s that good.

Microsoft’s ATA came from an acquisition of a product from an Israeli ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required