2 Replies Latest reply on Mar 18, 2015 10:48 AM by tjreeddoc

    Setting up LEM to detect Advanced Persistent Threats (APTs)/Trojan-Ransom







      Due to recent events, my company wants to expand LEM to notify our team when Advanced Persistent Threats (APTs)/Trojan-Ransom infect our network.  Reading the following links gives a good high-level overview:






      Handling Cybersecurity Threats










      Cybercriminals infiltrate banks! Hundreds of Millions Lost!  Lessons for the rest of us










      What is an APT?






      Cybersecurity – A Practical Approach to Actionable Intelligence








      However, I am looking for a more detail guideline.  While I clearly understand each APT/Trojan could operate differently, I am looking for a more gradular guideline or whitepaper to set up LEM to notify my group an APT is on the network.  After I installed LEM I watched the following great video posted by Nicole Pauls!  Her video really helped.  Is there one for setting up LEM to detect APTs?  Or, are there other guidelines/white papers on setting up this listed feature of LEM?



      Thank you,